While working at a Workspace ONE project we were implementing a Unified Access Gateways (UAG) for untrusted connections to reach the workspace. Untrusted connections could be Wifi or the big bad interweb. They have two routes, all users reaching the Workspace aka Identity Manager (vIDM Proxy and vIDM) for authentication and choosing the entitlements and the second route after selecting a desktop route and using a tunneled UAG to connect to the Horizon desktop resources. With the latter the user has the option to select the Horizon Client or the browser, both are allowed and should reach the desktop. Do we hear a should? Yes, should. The Horizon client is connecting to the desktop, so an okay here. When using the HTML Web client we were greeted with a 404 error. Hey, wait?!?
Next steps get out the violin and start investigating.