Airwatch and F5 APM

Question

Hi, I had a fully managed iPhones from Airwatch and need to do the following: User had company e-mail on the phone and in these e-mails there are https links to internal company Sharepoint sites. When a user click on the link he should be able to access the Sharepoint without being asked for username and password.&nbsp;
The idea is to use user certificate on the phone and then Kerboros Constrained Delegation to allow user to acces the Sharepoint.&nbsp;
What is the best solution that can make this to work? &nbsp;

vijay_e · Answer

Have you explored APM ?&nbsp;

fi_2016_187929 · Answer

This article should give you the details to configure Constrained Delegation.  Instead of Logon Page, use Client Cert Inspection, Safari should present the certificate to APM.  You may need a variable assign to get the username from the certificate.&nbsp;
https://devcentral.f5.com/articles/apm-cookbook-single-sign-on-sso-using-kerberos&nbsp;

Forum Discussion

Airwatch and F5 APM

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

can you help with getting a BigIP virtual edition serial key

VIP in https that redirect to another vip in https

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Related Content

Per-App VPN AirWatch et F5 BIGIP APM

APM variable assign examples

APM-Specific Features for Securing Your Website

APM Optimisation Script

Access Troubleshooting: BIG-IP APM OIDC integration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS