Stuck with integrating Citrix ShareFile within an Active Directory Federation Service? Perhaps we can fix that for you.
I’m currently working on an Active Directory Federation Service project and one of the tasks is to integrate with Citrix ShareFile.
The integration process went well -- perhaps it's a topic for a future post -- and it was completed in a few minutes. The overall gist requires copying the Token-Signing certificate from the ADFS Server and importing that information into Citrix ShareFile, as well as making small updates on the administrative web portal from Citrix.
However, the sign out on the Citrix ShareFile was not working properly and giving error messages without much information, only to say it's an Unknown Error. In order to solve the issue, I took the following steps described below.
The first step is to configure the sign out page on the Citrix ShareFile side, and that can be easily done by logging on to Citrix ShareFile as Administrator. Click on Admin and then Configure Single Sign-On. Add your ADFS FQDN to the following string: /adfs/ls/?wa=wsignout1.0. The result should be something like the image depicted below.
After doing that, when we try to sign out, we will get an error message, and that is normal. In order to make it work, we need to do additional changes on the ADFS side.
Open the ADFS Management tool, expand Trust relationships, and click on Relying party Trusts. Double click on the ShareFile entry that was configured previously.
In the Monitoring tab, unselect the option automatically update relying party and click on the Endpoints tab.
In the new tab, click on the Add SAML… button, and in the new page, select SAML Logout and POST. Then type your adfs address followed by /adfs/ls/wa=?wsignout1.0 on the Trusted URL field.
You can now open the Sharefile of your organization, click on Sign out and the result at this time will be a nice Sign out page as shown in the image below.
So by following these simple steps above, you can now also enable the sign out feature seamlessly using Active Directory Federation Services and Citrix ShareFile.