Launching Ivanti Secure Access Client using URL

Launching Ivanti Secure Access Client using URL feature enables the user to launch the Ivanti Secure Access Client using the admin prescribed URL. This feature is supported for Windows only.

Administrator creates a web URL (in a prescribed format), and provides it to the user in the following ways:

URL is placed in a web page in the form of a link and the address of the link is provided to the user.

URL itself is provided to the user.

User clicks on the link or types the URL in the browser. Ivanti Secure Access Client gets launched and the connection is redirected to the gateway mentioned in the URL.

User receives a link or a URL which has been crafted by an administrator. Following is the format of the URL:

pulsesecureclient://
connect?name=NAME&server=SERVERURL&userrealm=REALM&username=USER&store=TRUE

Table lists the parameter and their description mentioned in URL:

Parameter

Mandatory/Optional

Action

pulsesecureclient

Mandatory

// URI scheme for URL launching.

connect

Mandatory

This parameter is an action item and establishes the connection.

name

Mandatory

This parameter is an unique parameter, which defines the name of the connection. This connection name is used to identify a specific connection.

Connection name will be suffixed by (Auto Launch) for Ivanti Secure Access Client connection established through URL.Connection name will be displayed as Name(Auto Launch).

name parameter is case sensitive.

For example, a connection named as Connection1 will be different from a connection named as connection1.

server

Mandatory

This parameter defines the sign-in URL, to which Ivanti Secure Access Client should get connected. It can be any one of the following:

FQDN

IP address (IPv6 and IPv4)

A Sign-in URL

userrealm

Optional

This parameter defines the user realm.

userrealm parameter is case sensitive.

username

Optional

This parameter defines the username.

username parameter is case sensitive.

store

Optional

If store value is "True", then the connection information gets saved in the connection store.

If store value is "False", then the connection information will not be saved in the connection store.

It provides the flexibility for the user to save the connection information for future purposes.

Following is the scenario to understand the behaviour of this feature:

In this scenario, the user establishes a Auto Launch connection to the Ivanti Connect Secure server with userrelam as "Users" and username as "test_user". Also, user wants to store the connection in Ivanti Secure Access Client for future references.

Administrator will craft the URL with the values mentioned in below table:

Parameter

Values

name

Test Connection

server

https://pcssamlpcs.psecure.net/

userrealm

Users

username

test_user

store

true

1.User receives a link or the below mentioned URL which has been crafted by an administrator.

pulsesecureclient://connect?name=Test Connection&server=https://pcssamlpcs.psecure.net/&userrealm=Users&username=test_user&store=true

2.Once the user opens the URL (in Edge browser), following screen appears:

A permission dialog box appears to get the confirmation from the user to launch Ivanti Secure Access Client application via URL.

3.User clicks Yes button and Ivanti Secure Access Client gets launched.

A connection with the name specified in the URL is added in the Ivanti Secure Access Client and following screen appears:

Connection name will be suffixed by (Auto Launch) for Ivanti Secure Access Client connection established through URL.

4.User enters the password and clicks the Connect button.

Now, connection <Connection Name>(Auto Launch) with provided values as mentioned in the table is established. The full connection name can be viewed in Edit window as shown in the following screen.

After this, Ivanti Secure Access Client is launched, and a connection named Test Connection (Auto Launch) is established. This connection is then established with username as test_user.

After successful connection establishment, if a user decides to disconnect the Auto Launch connection, click Disconnect button. Auto Launch connection gets disconnected and connection details gets stored in the Ivanti Secure Access Client for future references, as store parameter is set to true in this scenario.

Otherwise, if store parameter is set to false, then the connection details of Auto Launch connection is not be stored after disconnection. Also, next launch of the Ivanti Secure Access Client with same URL will create a new connection.

If the user tries to connect the connection with same connection name but with different server URL, following error message appears:

Benefits

Following are the benefits of this feature:

Fast Connection: As URL will handle the Ivanti Secure Access Client launch, user needs not to login through Ivanti Connect Secure, which reduces number of logins, hence time saving and fast connection.

Enhancing User Experience: When ICS (IP or FQDN based), username and realm are prefilled, user just needs to enter the password to login.

With the help of Store parameter in launch URL format, it will be possible to have temporary client entries. This ensures that each connection need not to be stored in the PDC and PDC does not get filled up with a pile of entries.

Scriptability: Programmatically driven launch of Ivanti Secure Access Client lessens the burden of the Administrator.

Following is the scenario to understand the scriptability behaviour of this feature:

User enters the URL in command Prompt as shown below:

A permission dialog box appears to get the confirmation from the user to launch Ivanti Secure Access Client application.

User clicks Allow button, following authentication screen appears for user to authenticate:

Click Connect. Following screen appears:

Connection named Test Connection(Auto Launch) with provided values in table is established.