Gateway

Understanding MSAL Token Authentication

Following is the flow of events in a typical NetScaler Gateway- MSAL token authentication:

  1.  When an app is launched in iOS or Android, the app contacts Microsoft. The user is prompted to log on with user credentials. After a successful logon, the app gets an MSAL token.

  2.  This MSAL token is presented to a NetScaler Gateway, which has been configured to validate the MSAL token.

  3.  NetScaler Gateway validates the signature of the MSAL token with the corresponding certificate from Microsoft.

  4.  After a successful validation, NetScaler Gateway extracts the User’s Principal Name (UPN) and grants the app VPN access to the internal resources.

Understanding MSAL Token Authentication