Product Documentation

Building Your Own Application Connectors

Sep 27, 2015

You can create your own application connectors in App Controller. You can create either a Security Assertion Markup Language (SAML) connector or an HTTP Federated Formfill connector.

When you build a connector, you use the logon web address for the URL. For example, you want to add LinkedIn to your application list. Go to http://www.linkedin.com and then click Sign in. When the logon page appears, copy the web address and then paste the web address in the URL field in the Configure App wizard in App Controller.

Building SAML Connectors

App Controller enables you to build either a SAML 1.1 or SAML 2.0 connector. SAML connectors are used for web applications that support the SAML protocol for SSO. The Generic SAML connector enables you to create your own SAML connector for applications that support the SAML protocol. App Controller supports the identity provider (IdP) SSO for SAML applications.

Building HTTP Federated Formfill Connectors

App Controller can use Formfill to automatically enter user credentials in the application’s logon page. When users connect to a SaaS application, the web browser displays the logon form and then redirects users to the SaaS application. When you to add a new Formfill connector to the existing catalog, you must provide information about the application that you want to add. After you successfully configure the connector, you can then configure the connector for SSO. The Formfill connector supports applications that:

  • Obtain the user name and password and submit the credentials to the application without verifying the information again.
  • Set the application cookies when users request the logon page. The cookies set the attributes that change for each logon request for the application.

Building Enterprise Application Connectors

You can create enterprise application connectors from the Apps & Docs tab in the App Controller management console. When you create an enterprise app, you create the app and the Formfill connector at the same time. Users log on to enterprise apps by using SSO. You can also configure user account management for enterprise applications, as well as policies for the connector.

  1. In the management console, click the Apps & Docs tab.
  2. Under Apps & Docs > APPS, click Web & SaaS and then click the plus (+) sign in the right pane.
  3. In the catalog, click New enterprise app.
  4. On the Details page, complete the following:
    1. In App name, type a name for the app.
    2. In Description, enter a description for the app.
      Note: If you want to configure a second app with the same web address, you must give the app a different name.
    3. In URL, type the web address for the app. Precede the web address with http or https.
    4. Select App is hosted on internal network if the app is running on a server that resides in your internal network.
    5. To obtain user credentials from Active Directory, click Use Active Directory for SSO.
    6. Select Require app installation if users connect to the app from a mobile device. This setting requires users to download and install the app to their device.
    7. In Category, select the category from the list.
    8. In Assigned role, select the role. This is a mandatory field.
    9. In Image, select the default Citrix logo or select Upload to add your own logo to the logon page and then click Next.
      If you want to upload your own logo, click Browse and then navigate to the logo on your device.
      Note: The graphic you upload must be of the type PNG. You cannot upload a GIF or JPEG graphic. When you add a custom graphic, you cannot change it at a later time.
  5. Click Next.
  6. On the Workflow page, configure the following if you need approval for creating user accounts:
    1. Select Requires Approval and then either create a new workflow or select an existing workflow.
    2. If you create a new workflow, in Workflow name, enter a name for the workflow and then click Next.

      If you choose not to add or configure a workflow, click Next and go to Step 7.

    3. Under Manager Approvals, in Levels of manager approval, select the number of levels required for manager approval of the user account.
    4. Under Additional Approvers, in Enter additional required approvers, enter the name of the approver.

      Approver names originate from Active Directory.

    5. When the approver's name appears in the text field, click the name and then click the plus (+) symbol.

      The approver's name and email address appears in Selected Approver.

  7. Click Next.
  8. On the Policies page, configure any of the following:
    1. Under Device Security, in Block jailbroken or rooted, click the toggle to Off to allow this app to work on a compromised mobile device.
    2. The default is On, which does not allow the app to work on a compromised mobile device.
    3. Under Network Requirements, enable or disable WiFi required.
    4. Enable or disable Internal network required.
    5. In Internal WiFi networks, enter one or more Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) keys, separate by commas.
  9. Click Save.

To build a SAML connector

  1. In the App Controller management console, click the Settings tab.
  2. In the left pane, under Quick Links, click Add connector and then click SAML connector.
  3. In the Add a SAML Connector dialog box, in Name, type a name for the application.
  4. In Description, describe the application.
  5. In Logon URL, enter the logon web address for the application.

    You must include http:// in the web address.

  6. In SAML version, select the version.
  7. In Entity ID, enter the identity for the SAML application.
  8. In Relay State URL, enter the web address for the SAML application.

    The relay state URL is the response URL from the application.

  9. In Name ID format, select from the options in the list. The default is Email Address.
  10. In ACS URL, enter the assertion consumer service of the identity provider or service provider.

    The AssertionConsumerServiceURL (ACS URL) provides single sign-on (SSO) capability for users.

  11. In Image, select Use default to use the default Citrix logo or select Upload to add your own logo to the logon page.
    If you want to upload your own logo, click Browse and then navigate to the logo on your device.
    Note: The graphic you upload must be the type PNG. You cannot upload a GIF or JPEG graphic. When you add a custom graphic, you cannot change it at a later time
  12. Click Save.

To build an HTTP Federated Formfill connector

  1. In the App Controller management console, click the Settings tab.
  2. In the left pane, under Quick Links, click Add connector and then select Formfill connector.
  3. In the Add a Formfill connector dialog box, in Name, type a name for the connector.
  4. In Description, enter a description for the connector.
  5. In Logon URL, enter the logon web address for the connector.
  6. In Image, select the default Citrix logo or select Upload to add your own logo to the logon page.
    If you want to upload your own logo, click Browse and then navigate to the logo on your device.
    Note: The graphic you upload must be the type PNG. You cannot upload a GIF or JPEG graphic. When you add a custom graphic, you cannot change it at a later time.
  7. Click Save.

List of Application Connector Types

The following table lists the connectors and the types of connectors that are available with App Controller. The table also indicates if the connector supports user account management, which enables you to create new accounts automatically or by using a workflow.

Connector name SSO Formfill SSO SAML Supports user account management
AccessGateway Y    
AmericanAirlines Y    
AmericanExpress Y    
Ameritrade Y    
Ariba Y    
AtTask Y    
Basecamp Y    
Bill Y    
Birst Y    
Box Y    
Bugzilla Y    
Campfire Y    
CanadaPost Y    
CentralDesktop Y    
Ceridian Y    
CitrixAccessGateway Y    
CitrixWebInterface Y    
ConcurSolutions Y    
eBay Y    
EchoSign Y   Y
EchoSign_SAML N Y Y
Egnyte Y    
eLeaP Y    
Epocrates Y    
Evernote Y    
Expedia Y    
Fidelity Y    
Fieldglass Y    
Force Y   Y
Globoforce_SAML N    
GoogleApps_SAML N Y Y
GoogleApps_SAML _IDP
GoToAssist Y    
GoToManage Y    
GoToMeeting Y   Y
GoToMyPC Y   Y
GoToTraining Y   Y
GoToWebinar Y   Y
Groupon Y    
HelpSpot Y    
Jira Y   Y
Kayak Y    
LinkedIn Y    
LogMeInRescue Y    
LotusLive Y    
Marketo Y    
Medgate Y    
MedPageToday Y    
Medscape Y    
MyAtlassian Y    
MySpace Y    
NetDocuments Y    
Office 365
Oracle10g Y    
OracleCRM Y    
Orbitz Y    
OWA Y    
Pandora Y    
Pearson Y    
PeopleclickAuthoria Y    
PivotalTracker Y    
Postini Y    
QualysGuard Y    
Rackspace Y    
RallySoftware Y    
Recover_Password
Reset_AppPassword Y    
Responsys Y    
RightScale Y    
RingCentral Y    
Salary Y    
Salesforce Y   Y
Salesforce_SAML N Y Y
Salesforce_SAML_SP N Y Y
SAP Y    
ShareFile Y   Y
ShareFile_SAML N Y Y
ShareFile_SAML_SP N Y Y
Skype Y    
SlideRocket Y    
Smartsheet Y    
SoftLayer Y    
SouthwestAirlines Y    
SpringCM Y    
SuccessFactors Y    
SuccessFactors_SAML N Y  
SugarCRM Y    
SugarSync Y    
SurveyMonkey Y    
Syncplicity Y    
Twitter Y    
UnitedAirlines Y    
Web Link Y    
Webex Y   Y
WebEx_SAML_SP N Y Y
WebMD Y    
Webtrends Y    
YahooMail Y    
Yammer Y    
YouSendIt Y    
Zendesk Y   Y
Zoho Y