Citrix – ”PIN PassThrough” från WI/CAGEE


This solution is targeting home users or users logging in to another corporate system using a smartcard.


The solution requires Citrix new SSO API for Citrix Online plugin (receiver) and SecMaker’s Net iD Citrix SSO “plugin”.

Technical description

When the computer starts it is logged on with a local account or a domain account from another domain than the target domain. When a user logs on the Citrix Web Interface or Citrix Access Gateway Enterprise using the smartcard PIN. When the PIN is entered, Net iD SSO Service caches the pin and feeds Citrix SSO service with the smartcard PIN. When a connection towards a Citrix XenApp published application is made or a XenDesktop Citrix SSO service feeds the credential provider on the server or desktop with the smartcard PIN and an automatic logon is made as the same user who logged on the Citrix Web Interface or Citrix Access Gateway Enterprise. When the user removes his card the Net iD SSO and Citrix SSO Service is unloaded to ensure PIN no longer is cached, and the connection towards the server or desktop is disconnected.