Domain passthrough with ZeroTrust VPN users get "cannot start your session" via Azure load balancer

Article ID: CTX693211

Description

When you access the Store URL and click "Log on", you see the error:

cannot start your session. wait a few minutes and try to logon again. If you still experience problems, contact your help desk.

When you click the "OK" button multiple times, the error eventually goes away.

More details on the deployment:

Users' devices are Entra ID registered.

Users are not domain-joined; they sign in with Azure Entra ID, with Windows Hello and Citrix SSO enabled.

Users connect to the StoreFront URL through an Azure Load Balancer.

Users are connected through a VPN; in this case it was ZeroTrust.

Domain Passthrough authentication is configured.

When credentials are entered manually, no error is observed.

The following event ID is observed on the StoreFront server:

If you bypass the Azure load balancer by adding a hosts file entry that resolves the Store URL to an individual StoreFront server's IP address, the issue is not observed.

Resolution

The Azure load balancer distribution mode was reconfigured to use session persistence (session stickiness), as described in the Microsoft article https://learn.microsoft.com/en-us/azure/load-balancer/distribution-mode-concepts
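As an added example (not part of the Citrix article), the following Azure CLI script audits the load balancing rules on the load balancer in front of StoreFront and switches any rule still on the default 5-tuple hash to source IP affinity, which is the session persistence setting the resolution refers to. The resource group and load balancer names are assumed placeholders.

```shell
#!/usr/bin/env bash
# Added example, not from the Citrix article: audit and fix the distribution
# mode of the Azure load balancer rules in front of StoreFront.
# Assumed placeholder names: resource group "rg-storefront", LB "lb-storefront".
set -euo pipefail

RG="${RG:-rg-storefront}"
LB="${LB:-lb-storefront}"

# Returns 0 when the given distribution mode can bounce one client between
# backends (no session persistence), 1 when it already pins the client,
# 2 for an unrecognised value.
needs_persistence() {
  case "${1:-}" in
    Default|"") return 0 ;;   # 5-tuple hash: a new source port may pick a new backend
    SourceIP|SourceIPProtocol) return 1 ;;
    *) echo "unknown distribution mode: ${1:-}" >&2; return 2 ;;
  esac
}

# Prints "<rule name><TAB><loadDistribution>" for every rule on the LB.
list_rule_modes() {
  az network lb rule list -g "$RG" --lb-name "$LB" \
    --query "[].[name, loadDistribution]" -o tsv
}

# Switches every non-sticky rule to SourceIP affinity and reports the result.
fix_rules() {
  list_rule_modes | while IFS=$'\t' read -r name mode; do
    if needs_persistence "$mode"; then
      echo "rule $name: ${mode:-Default} -> SourceIP"
      az network lb rule update -g "$RG" --lb-name "$LB" -n "$name" \
        --load-distribution SourceIP -o none
    else
      echo "rule $name: $mode (already sticky)"
    fi
  done
}

# Only touch Azure when invoked as: ./fix-lb-stickiness.sh apply
if [ "${1:-}" = "apply" ]; then fix_rules; fi
```

Source IP affinity pins a client by its source address, so users whose VPN traffic egresses through one shared NAT address will all land on the same StoreFront server; check that the backend spread is still acceptable after the change.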


Problem Cause

Session information is not shared across the load-balanced StoreFront servers, so requests bounced between servers. When a request was sent to a server that had not authenticated that session, the server failed to validate the session information.

Additional Information

https://learn.microsoft.com/en-us/azure/load-balancer/distribution-mode-concepts