Configure Citrix Workspace app
This article lists tasks that help you configure Citrix Workspace app for iOS.
Feature flag management
If an issue occurs with Citrix Workspace app in production, the affected feature can be disabled dynamically in Citrix Workspace app. It is possible to do so even after the feature is shipped. We use feature flags and a third-party service called LaunchDarkly. You do not need to make any configurations to enable traffic to LaunchDarkly, except when you have a firewall or proxy blocking outbound traffic. In that case, you enable traffic to LaunchDarkly via specific URLs or IP addresses, depending on your policy requirements.
You can enable traffic and communication to LaunchDarkly in the following ways:
Enable traffic to the following URLs
app.launchdarkly.comevents.launchdarkly.comstream.launchdarkly.comclientstream.launchdarkly.comFirehose.launchdarkly.commobile.launchdarkly.com
List IP addresses in an allow list
If you must list IP addresses in an allow list, for a list of all current IP address ranges, see LaunchDarkly public IP list. You can use this list to ensure that your firewall configurations are updated automatically in keeping with the infrastructure updates. For details about the status of the infrastructure changes, see LaunchDarkly Status.
LaunchDarkly system requirements
You must verify that the apps can communicate with the following services if you have split tunneling on the Citrix ADC set to OFF for the following services:
-
LaunchDarkly service
-
APNs listener service
Provision to disable LaunchDarkly service:
You can disable LaunchDarkly service on both on-premises and cloud stores.
On the cloud setup, you can disable the LaunchDarkly service by setting the enableLaunchDarkly attribute to False. You can achieve this from the Global App Configuration service UI.
{
"assignedTo": [
"AllUsersNoAuthentication"
],
"category": "Third Party Services",
"settings": [
{
"name": "Enable Launch Darkly",
"value": "true"
}
],
"userOverride": false
}
<!--NeedCopy-->
For more information, see the Global App Configuration Service documentation.
On the on-premises deployment, do the following:
- Use a text editor to open the web.config file, which is typically at
C:\inetpub\wwwroot\Citrix\Roamingdirectory. -
Locate the user account element in the file (Store is the account name of your deployment).
For example,
<account id=... name="Store">Before the tag, navigate to the properties of that user account:
<properties> <clear/> </properties> <!--NeedCopy--> - Add the enableLaunchDarkly tag and value as false.
-
Add the enableLaunchDarkly tag and value as false.
<property name="enableLaunchDarkly" value="false" />
Note:
Most of the features are behind a feature flag controlled by LaunchDarkly. In the environments where it is disabled, you have to wait for a minimum of 90 days.
Inactivity timeout for Citrix Workspace app
Admins can specify the amount of idle time that is allowed. After the time-out value, an authentication prompt appears.
The inactivity timeout value can be set starting from 1 minute to 24 hours. By default, the inactivity timeout isn’t configured. Admins can configure the inactivityTimeoutInMinutesMobile property by using a PowerShell module. Click here to download the PowerShell modules for Citrix Workspace app configuration.
When you’ve reached the specified time-out value, the end-user experience is as follows depending on the authentication type configured:
- After the inactivity timeout, you’ll receive a prompt to provide biometric authentication to access the Citrix Workspace app again.
-
If you can cancel the biometric authentication prompt, the following message appears:
Citrix Workspace app is locked.
You must authenticate to continue to use the Workspace app.
If the passcode is not configured on the iOS, you have to sign in with credentials after the inactivity timeout.
Note:
This feature is applicable for customers on Workspace (Cloud) only.
Customer Experience Improvement Program (CEIP)
| Data Collected | Description | What we Use it for |
|---|---|---|
| Configuration and usage data | The Citrix Customer Experience Improvement Program (CEIP) gathers configuration and usage data from the Workspace app for iOS and automatically sends the data to Google Firebase. | This data helps Citrix improve the quality, reliability, and performance of the Workspace app. |
Additional Information
Citrix handles your data in accordance with the terms of your contract with Citrix. The data is protected as specified in the Citrix Services Security Exhibit. For more information, see Citrix Trust Center.
Citrix uses Google Firebase to collect certain data from Citrix Workspace app as part of CEIP. Review how Google handles data collected for Google Firebase.
To stop sending CEIP data to Citrix and Google Firebase:
- Open Citrix Workspace app for iOS.
- Tap Home > Settings.
- Navigate to the General section.
- Disable the Send Usage Statistics option.
Note:
No data is collected for the users in the European Union (EU), European Economic Area (EEA), Switzerland, the United Kingdom (UK).
The specific CEIP data elements collected by Google Firebase are:
| Session information and session launch method | Citrix stores and store configuration | Auth type and authentication configuration | ICA connections |
| HDX session launch | Store app session | WebView action open | WebView action copy |
| WebView action share | Workspace app review | Connection status, connection error, connection center usage | External display |
| Socket status | Session duration | HDX over UDP | Session launch time |
| Device information | Device model info | Send usage statistics | App language, Workspace app language |
| Keyboard language | Citrix store type | Citrix store combination | Store protocol type |
| Store count | HDX UDP status | RSA token installations |
Known limitations
- On VDA 7.18 and earlier, casting to a workspace hub requires the desktop or other resource you’re using to have the .h264 full-screen policy enabled and the legacy graphics policy to be disabled.
Session sharing
If users log off from a Citrix Workspace app account, they can still disconnect or log off from remote sessions.
- Disconnect: Logs off from the account but leaves the Windows application or desktop running on the server. The user can then start another device, launch Citrix Workspace app for iOS, and reconnect to the last state before the user disconnects from the iOS device. This option allows users to reconnect from one device to another device and resume working in running applications.
- Log off: Logs off from the account and closes the Windows application. It also logs off from the Citrix Virtual Apps and Desktops, and Citrix DaaS server. This option allows users to disconnect from the server and log off from the account. When they launch Citrix Workspace app for iOS again, it opens in the default state.
Cloud stores
You can access the web, SaaS apps, and websites hosted by your organization. This is regardless of your access location. This feature is available only for customers on cloud stores.
Auto-populate store URL
When you’re accessing the rebranded Citrix Workspace app for iOS, you can choose to auto-populate the store URL. This capability reduces manual intervention and provides quick access to the app. For more information about app personalization, see App Personalization.
Support for PiP Feature preview
Note:
This feature is in public preview.
Citrix Workspace app for iOS now supports Picture-in-picture (PiP) mode. You can shrink your desktop session, SaaS app, or web app, to a floating window that you can move freely around the screen and place anywhere. PiP mode frees up the home screen of the Citrix Workspace app for you to complete other tasks. Click the Home button on the session toolbar in your desktop session, or on the ellipsis menu (…) > Minimize in your SaaS app or web app to minimize the screen. Click the floating window to view the app in full screen and close the app by clicking the X icon on the floating window. The floating window appears automatically in full screen when you minimize another app.
This feature is supported for both on-premises and cloud deployments. However, for cloud deployments, web apps can be minimized to a PiP. You can also switch between a desktop session and a web app.
Note:
You can keep only two apps active at a time. One in full screen mode and the other minimized as a PiP:
- 2 web or SaaS apps
- 1 web or SaaS app and 1 virtual app or desktop session
Known limitations:
- PiP mode is unavailable when external peripherals are connected such as a mouse or keyboard or external monitor.
- If PiP mode is enabled and your device is connected to an external monitor, Citrix Workspace app is unresponsive and the back button is unavailable in Display settings inside the desktop session.
Rapid Scan Feature preview
Note:
This feature is in public preview. You can request access to this feature at: https://podio.com/webforms/28491324/2276103.
If you’re signed into Citrix Workspace app on multiple devices, you can use the Rapid Scan feature to scan multiple documents with an iOS device. You can then transfer those scanned documents to a Mac device.
For instructions on how to use the Rapid Scan feature to scan documents, follow these steps:
- On your Mac device, right-click on the Citrix Workspace app icon in your desktop session and click Rapid Scan. A QR code is displayed.
- On your iOS device, click Settings > Rapid scan.
- Scan the QR code displayed on your Mac device to establish the connection between your Mac and iOS devices.
- Scan any document and send it to your Mac device.
- In your desktop session on your Mac device, you can locate the documents you scanned in the Finder.
Prerequisites
- Client drive mapping (CDM) must be enabled for the store.
- You must be signed into the same account in the Citrix Workspace app on both your iOS device and Mac device.
- You must be connected to the same Wi-Fi.
- The minimum version required of Citrix Workspace app for Mac is 2304.
- Rapid Scan requires read and write access on your device. To enable access, follow these steps:
- From your profile, click Application Settings > Store Settings.
- Click your current store.
- Click Device Storage and select Read and write access.
Document scanner Feature preview
Note:
This feature is in public preview and can be enabled by request. You can request access to this feature at: https://podio.com/webforms/28405010/2263002.
Using the document scanner, you can now scan and save multiple documents, all within the desktop session. You can access this feature by clicking the Scan button on the session toolbar. However, if you have Citrix Casting enabled, this feature is found on the session toolbar by clicking More > Scan Document.
The document scanner feature requires read and write access on your device. To enable access, follow these steps:
- From your profile, click Application Settings > Store Settings.
- Click your current store.
- Click Device Storage and select Read and write access.
End user experience monitoring enhancement
We now support the EUEM (End user experience monitoring) client startup metrics. EUEM helps in collecting highly granular session experience monitoring data in real time. It sends the data to the Director dashboard, so that the administrator can monitor the user experience. The data is collected through the Session experience monitoring service (SEMS) present on the VDA. Client startup metrics data available for monitoring on the dashboard includes:
- ICA file download duration.
- Session creation client duration. Session creation client duration represents the time taken to create a session. It is calculated from the moment an ICA file is launched till the connection is established.
- Session lookup client duration. Session lookup client duration represents the time taken to query every session for hosting the requested published application. The check is performed on the client to determine whether an existing session can handle the application launch request.
- Citrix real-time recording of the ICA round trip time, also known as ICA RTT. ICA RTT is the time that elapses from when the user presses a key until the response is displayed at the endpoint.