Citrix Cloud™

Service Provider Initiated SSO vs Identity Provider Initiated SSO

SP-initiated SSO - the end user logs in directly from the web application (SP) such as stores and/or Citrix Cloud, which then redirects them to the SAML IdP for authentication, and if authentication is successful, then redirects the end user back to the web app (SP) and logs them in.

IdP-initiated SSO - the end user logs in first to their SAML IdP and then selects the app (SP) they want to launch from the IDP portal.

Can Identity Provider Initiated SSO be used with store or Citrix Cloud?

No. Stores and Citrix Cloud both only support SAML Service Provider Initiated SSO logon. All logon flows must be initiated via either a store URL for end user access, or a Citrix Cloud GO URL for Citrix Cloud admin access.

Service Provider Initiated SSO vs Identity Provider Initiated SSO