Office - IT - Enable Citrix Two-Factor Authentication
Table of Contents
Overview
This guide will demonstrate how to download the authentication method to utilize Two-Factor Authentication for Citrix login.
Required Permissions
Admin access to install software on device
Two-Factor Authentication
Before subscribers can use two-factor authentication with Citrix Workspace, they must register their device. During registration, Workspace presents a QR code for the subscriber to scan with an authentication app. The authentication app must follow the Time-Based One-Time Password (TOTP) standard, such as Citrix SSO.
Download Authentication App
For a smooth registration process, download and install Citrix SSO on the target device prior to attempting login. Other available authenticators are Google Authentication or Microsoft Authenticator.
On your mobile device, click here to navigate to the app store. Or on your device, go to the app store and search for Citrix SSO.
Click Install.
Register Two-Factor Authentication
Open a browser, navigate to https://clubessential.cloud.com/, and select Don’t have a token?
Enter the username in the domain\username format or the company email address and select Next.
Example credentials: cecloud\cmatestCitrix Cloud then sends the subscriber an email with a temporary verification code.
Enter the verification code and Active Directory account password when prompted and select Next.
Please note: The verification code is temporary and is only used to register the subscriber’s device. The subscriber mustn’t use this code to sign into their workspace with two-factor authentication.From the authenticator app, scan the QR code or enter the verification code manually.
Select Finish and Sign In to complete the registration.
After completing registration, return to https://clubessential.cloud.com/ and enter the credentials along with the token displayed in the authentication app.
Â
Â
Best Practices
Only verification codes that are generated from an authentication app on an enrolled device are supported tokens for two-factor authentication. Subscribers mustn’t use the temporary email token sent during the registration process.