Use Configuration Checker to validate single sign-on configuration

Use Configuration Checker to run the test to make sure that the single sign-on is configured properly. The test runs on different checkpoints of the single sign-on configuration and displays the results.


You can hide all or part of the Advanced Preferences sheet. The Advanced Preferences option is available from the Citrix Workspace app icon in the notification area. For more information, see the Hiding the Advanced Preferences sheet section in the Citrix Product Documentation.

  1. Right-click Citrix Workspace app in the notification area and select Advanced Preferences.

    The Advanced Preferences window appears.

  2. Select Configuration Checker.

    The Citrix Configuration Checker window appears.

  3. Select SSONChecker from the Select pane.
  4. Click Run. A progress bar appears that displays the status of the test.

The Configuration Checker window has the following columns:

  1. Status: Displays the result of a test on a specific check point.
    • A green check mark indicates that the specific checkpoint is configured properly.
    • A blue I indicates information about the checkpoint.
    • A Red X indicates that the specific checkpoint isn’t configured properly.
  2. Provider: Displays the name of the module on which the test is run. In this case, single sign-on.
  3. Suite: Specifies the category of the test. For example, Installation.
  4. Test: Specifies the name of the specific test that is run.
  5. Details: Provides additional information about the test, irrespective of pass or fail. The user gets more information about each checkpoint and the corresponding results.

The following tests are done:

  • Installed with single sign-on.
  • Logon credential capture.
  • Network Provider registration - Displays a green check mark only when “Citrix Single Sign-on” is set to be first in the list of Network Providers. If Citrix Single Sign-on appears anywhere else in the list, the test result against Network Provider registration appears with a blue I and additional information.
  • Single sign-on process is running.
  • Group Policy -By default, this policy is configured on the client.
  • Internet Settings for Security Zones - Make sure that you add the Store/XenApp Service URL to the list of Security Zones in the Internet Options. If the Security Zones are configured using Group policy, you must reopen the Advanced Preference window for the changes to take effect and to display the correct status of the test.
  • Authentication method for StoreFront.


If you’re accessing Workspace for Web, the test results aren’t applicable.

In a multi-store configuration, the authentication method test runs on all configured stores.


You can save the test results as reports, and the default format for the report is .txt.


Configuration Checker does not include the checkpoint for the configuration of Trust requests sent to the XML service on Citrix Virtual Apps and Desktops servers.

Use Configuration Checker to validate single sign-on configuration

In this article