<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VGRSA3Okta Classic EngineAdministrationAnswered2024-04-30T09:18:25.000Z2017-02-18T14:15:12.000Z2018-07-20T05:07:05.000Z

RodP.25663 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Using SWA with Groups
We built a SWA app integration months ago and are now finally going live. However, we now discover that SWA apps cannot use Groups to assing users? Furthermore, in using the SWA app with People it wants us to enter the Password twice which the second time must (apparently) be done manually!! We are successfully pulling the password once through our AD integration, so why a manual second step? Any way to populate it with the AD pull, like using a mapping?

 

Is there a solution/work around?:

Preferred - a way to use Groups for our SWA app (don't get the logic disallowing this)

Secondary - a way to eliminate the second password requirement - or a way to pre-populate the second password (what a nuisance BTW)

 

Background - the SWA app is pointing to a Citrix XenApp site which authenticates to a vendor's AD which we have NO control over and they are not interested in adding SAML at this time. We go live this week! either I spend my days adding the second Password to the SWA People or I get some help, hoping for the latter 🙂
  • 2 answers
  • 905 views

  • j5v7c (j5v7c)

    To fully answer I would need to know what credentials are being used to authenticate the user to the application when the application is wanting to be applied by a group assignment. One option that you might be able to use with group assignment is the 4th SWA option "Administrator sets username, password is the same as user's Okta password".

     

    In this use case the username and password can be automatically assigned to the SWA application without the need to apply a second password that you seem to be having to do.
    Expand Post

  • RodP.25663 (Customer)

    Further detail - The SWA app is Citrix NetScaler Web login, so I am passing the Login and Password. Unfortunately the NetScaler sues the vendor's Active Directory which I have no access to or control over. The vendor simply gives me the user credentials, about 250 users! And no, the vendor is not willing to do SAML at this time. I have stored the login/password credentials in my AD where Okta authenticates the user. I Mapped the extended AD Attributes with these values to be passed as Login/Password. So upon successful authentication against MY AD, I pass the attribute values to the Citrix Web Interface which authenticates the user against the Vendor's AD.
    Expand Post
This question is closed.
Loading
Using SWA with Groups