For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

joyride_us's avatar
joyride_us
Icon for Altostratus rankAltostratus
Feb 23, 2021

APM - Creation of IdP and SP for SAML

Hi guys!   I am trying to configure IdP and SP on my BigIP. I have no idea about this. I have answered the questions in the iApp/Application Services. I have answered all the questions but on the ...
application delivery
BIG-IP Access Policy Manager (APM)
Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
Feb 23, 2021

Hi,

 

maybe you should take one step at a time. Are you aware of the roles of IdP and SP in SAML?

 

There are two parties involved in the process of SAML authentication, an identity provider (IdP) and a service provider (SP). IdP and SP mutually trust each other.

 

The IdP performs the authentication (very often against some kind of User Directory like LDAP) and passes the user's identity (as well as information about the users role, authorization, an so on) in the form of a SAML authentication token, to the SP.

 

The SP processes the token and gives the user access to the service, very often some kind of SaaS.

 

Which role should your BIG-IP take? The role of the IdP or the SP, both?

 

KR

Daniel