Find an Answer
Enterprise Sign-In allows your users to log into Citrix products using the same username and password they might use to access their email or log into Windows. Enterprise Sign-In provides IT administrators options for easily managing large numbers of users, user product access, and for delivering Single Sign-On (SSO) for those users.
Enterprise Sign-In is delivered, depending on your preferences, as fully packaged offerings from third-party Identity and Access Management (IAM) providers, as a set of Citrix-provided tools, or via identity and licensing APIs that allow you to design and build fully custom solutions. These solutions are available to new customers as well as those with existing accounts and users.
This document identifies the options to help you choose the most effective implementation for your requirements.
At this time, Enterprise Sign-In is available for:
Future releases will include other Citrix Mobility products.
Enterprise Sign-In for these products lets you provision users and grant access to Citrix products to streamline the IT admin workflow. You can also offer your users Single Sign-On (SSO) to improve their access to their Citrix business tools. Both of these options require that you first create an organization within Citrix, and that you validate any company email domains in that organization.
Simplified view of Enterprise Sign-In implementation options
In the chart, the three main implementation options - managed, implemented, and custom - are examples. These options can be mixed and matched. You could implement a managed IAM solution and a custom provisioning solution. Or just implement provisioning without Single Sign-On.
An organization is an entity you manage. The organization allows your administrators to configure sign-in options for your Citrix users based on the email domain they use to sign into Citrix products. For example, if all of your users sign in with names such as firstname.lastname@example.org and email@example.com, then “mycompany.com” is the organization email domain.
Note that an organization is not necessarily related to your product account where you manage product access. Organizations simply manage sign-in options for user identities matching your verified email domain(s). The users themselves could be given access through one or more customer accounts - for example, perhaps your Marketing department and Sales department have separately signed up for and are separately billed for two different GoToMeeting accounts. In this case, the user identities and SSO functionality can still be centrally managed through one organization.
Provisioning is the process of creating valid users within your company account, and extends to providing users with access for specific products. Smaller firms manage this using the Admin Center, but as the number of users increases, or if large shifts in users due to acquisitions, turnover, etc. occur, it makes sense to automate this process. Your options are (one of):
SCIM (System for Cross-domain Identity Management) is a specification that lets you manage users within your Citrix organization entity.
Organizations can be configured using the SAML specification to allow users in the validated email domains to be authenticated for sign-on through an Identity Provider. Your options are: