Citrix Cloud with TOTP eliminates the need for Citrix Gateway on-premises and is an easy, straightforward option available in the Authentication pane of the Citrix Cloud admin interface. However, if your MFA requirements are more complex, such as integration with RSA virtual tokens, TOTP does not satisfy them.
Citrix Cloud Engineering teams are actively investing in architectural and operational items focused on high availability and service resiliency. This continues to be our top priority for customers. As a reminder, status.cloud.com is where all outages and impacts to Citrix Cloud are broadly communicated.
Information
There are several key decisions an admin must make when planning a design for a resource location to be used with the Citrix Cloud Virtual Apps and Desktops Service. The first of these decisions is the Subscription Workspace model they plan to utilize.
Subscriptions
Selecting a subscription model is a complex decision, as it involves the planned growth of the footprint in Azure, considering both the initial design and the planned growth of the environment.
Single Subscription workspace model
In a single subscription, all core and Citrix infrastructure remains inside the same subscription. This configuration is recommended for environments that require up to 1,000 Citrix VDA machines.
Multi-Subscription Workspace Model
In this model, Citrix and Core resources reside in separate subscriptions to help manage scalability in large deployments.
Protecting a Citrix Cloud Resource Location Hosted in Azure
NSGs (Network Security Groups) are simplified packet inspection devices that allow or deny traffic over specific ports to the resources hosted inside the Azure platform for use with the Citrix Cloud Virtual Apps and Desktops Service. The port requirements for a Citrix Cloud resource location are as follows:
Granting Access for Citrix Cloud to Access Your Azure Subscription
There are 2 primary options for connecting the Citrix Cloud Virtual Apps and Desktops Service to the Azure subscription:
1. Subscription Scope Principals
2. Narrow Scope Service Principals
When an admin creates a host connection to Azure for the first time, Microsoft Azure creates a Service Principal, which is an application template that impersonates the user and the rights the user has over the subscription. When the Citrix service creates the Service Principal for the host connection through Studio, a Subscription Scope principal is created, which grants the permissions included in the service principal across all resources hosted in the Azure subscription.
For customers that need more granular control over their resources, the admin can also create what is called a Narrow Scope Service Principal. This requires a bit more planning when designing the environment: the admins not only need to pre-create the resource groups the VDAs reside in, but the access to these resource groups also needs to be defined to a pre-created service principal prior to creating the service principal.
The requirements and process to create this narrow scope service principal are defined in greater detail at Tech Article - https://support.citrix.com/article/CTX219243.
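To check which of the two scopes a host-connection service principal actually holds, the following added example (not from the original article or from Citrix) classifies the `scope` field of role assignments exported with `az role assignment list --all --assignee <appId> -o json`. The sample data, subscription ID, principal names and resource group names are constructed placeholders.

```python
import json
import re

# Constructed sample shaped like `az role assignment list --all --assignee <appId> -o json`.
# The subscription ID, principal names and resource group names are placeholders.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"principalName": "citrix-host-connection", "roleDefinitionName": "Contributor",
     "scope": SUB},
    {"principalName": "citrix-narrow-scope", "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/rg-citrix-vda-01"},
    {"principalName": "citrix-narrow-scope", "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/rg-core-network"},
])

SCOPE_RE = re.compile(
    r"^/subscriptions/(?P<sub>[^/]+)(?:/resourceGroups/(?P<rg>[^/]+))?(?P<rest>/.*)?$",
    re.IGNORECASE)

def classify_scope(scope):
    """Return (kind, resource_group); kind is subscription, resource_group, resource or other."""
    m = SCOPE_RE.match(scope.rstrip("/"))
    if not m:
        return "other", None              # "/" or a management group scope
    if m.group("rg") is None:
        return ("other", None) if m.group("rest") else ("subscription", None)
    return ("resource" if m.group("rest") else "resource_group"), m.group("rg")

def audit(assignments_json, allowed_groups):
    """Flag every assignment wider than the pre-created VDA resource groups."""
    allowed = {g.lower() for g in allowed_groups}
    reasons = {"subscription": "subscription-wide scope",
               "other": "scope above or outside a subscription"}
    findings = []
    for a in json.loads(assignments_json):
        kind, rg = classify_scope(a["scope"])
        if rg is not None and rg.lower() in allowed:
            continue                      # narrow scope inside an expected resource group
        reason = reasons.get(kind, "resource group not in the allowed list")
        findings.append((a["principalName"], a["roleDefinitionName"], a["scope"], reason))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, ["rg-citrix-vda-01"]):
        print(" | ".join(finding))
```

Pass the resource groups that were pre-created for the VDAs as `allowed_groups`; anything reported is broader than the narrow scope design intends.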
At this stage, the admin is prepared to deploy their first machine catalog to Azure using the Citrix Cloud Virtual Apps and Desktops Service. For more information on how to prepare a master image and deploy a machine catalog, review the following article: https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/1912-ltsr/install-configure/machine-catalogs-create.html#prepare-a-master-image-on-the-hypervisor-or-cloud-service
Additional Resources
References:
https://docs.citrix.com/en-us/tech-zone/design/reference-architectures/virtual-apps-and-desktops-azure.html
https://support.citrix.com/article/CTX219243
Existing Citrix Cloud Admin login credentials
Should have set up Multi-Factor Authentication
Instructions
Citrix Cloud Sign In Access
- Sign in to https://cloud.citrix.com
- Enter the 6-digit OTP code from the authenticator app you have configured and click Verify
- If you lose or don't have access to your authenticator app, click Don't have your authenticator app?
- Copy a backup code previously saved during enrollment and click Verify
- Note: These are one-time-use backup codes; be sure to generate a new set when running low
Log In To Citrix Receiver
Additional Resources
Citrix Cloud Sign In
- CTX272245 - Accessing Citrix Cloud using Multi-Factor Authentication
- CTX272243 - Setting Up Multi-Factor Authentication - Citrix Cloud Admins