Forum Discussion

Icon for Nacreous rank

Nacreous

Feb 22, 2026

API Pre-Authentication

Some time ago I was dealing with legacy web applications being retrofitted with modern authentication. As you can imagine this opens up a world of pain when the developers of said applications have l...

application delivery

Icon for Nacreous rank

Nacreous

Feb 22, 2026

Not both. The first form of auth to web application front door was SAML. The second form of auth to the proxy was a JWT. The third form which I didnt discuss was an OAuth/OIDC mechanisim between the Proxy and the IDP used to get the JWT for the Proxy. As the IDP was the source of the original SAML authentication the proxy simply needed to go back to the same IDP and the user would be recognised as being logged in.

Icon for Nacreous rank

Nacreous

Feb 22, 2026

Oauth saml bearer assertion flow might also been used in this case. So saml assertion could be exchanged for an access token.

Kevin_Davies
Nacreous
Feb 22, 2026
If only it was supported.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Jürgen - February 2026 Featured Member

DevCentral News

ICYMI - Steve Wozniak at AppWorld 2026

DevCentral News

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5