Forum Discussion

DenverRB_326662's avatar
DenverRB_326662
Icon for Nimbostratus rankNimbostratus
Sep 05, 2018

APM - OTP - HTTP AUTH - Hidden Forms Parameters

APM - OTP - HTTP AUTH - Hidden Forms Parameters

 

Working on Version 11.3 Latest Release and utilizing APM with an Access Policy, trying to get OTP to work with SMS.

 

How does one translate the required parameters presented in an example by the vendor into the variables needed to be pulled back to get OTP to work.

 

I can get the CURL feature to function from the BigIP Command Line, however I am unable to get the HTTP Auth Configuration to work.

 

I think my expertise falls under how to translate the vendor required attributes into the Hidden Forms Values. This is what I have and I get no response via the HTTP Auth I have setup. I have been unable to find a KB on something like this on Dev Central and feel this may help out any other person new to HTTP AUTH.

 

This is an example CURL - using the SMS OTP Verification using textbelt.com

 

$ curl -X POST https://textbelt.com/otp/generate \
       --data-urlencode phone='5557727420' \
       --data-urlencode userid='myuser@site.com' \
       -d key=example_otp_key

I can get this curl to work via command line when substituting my cell phone .

 

When I substitute my Phone Number to attempt a manual POST in the Hidden Form Value I get no results back.

 

In the Configuration for HTTP Auth -

 

  Form Based > Selected 
  Start URI > Empty
  Form Methd > POST
  Form Action > http://textbelt.com/otp/generate
  Form parameter for User Name > Empty
  Form Parameter for Password > Empty
  Hidden form Parameters/Values >

    phone='5557727420'
    userid='myuser@site.com'
    message= 'Launch Code: $OTP!=%{session.otp.assigned.val}'
    lifetime=%{session.otp.assigned.ttl}
    key=example_otp_key
  • You must create a virtual server

     

    • destination : X.X.X.X:80
    • client ssl profile : None
    • server ssl profile : serverssl
    • pool : 1 member : textbelt.com port 443

    then in HTTP server:

     

    Form Based > Selected
    Start URI > Empty
    Form Methd > POST
    Form Action > http://X.X.X.X/otp/generate
    Form parameter for User Name > Empty
    Form Parameter for Password > Empty
    Hidden form Parameters/Values >
    
        phone 5557727420
        userid myuser@site.com
        message Launch\ Code:\ $OTP!=%{session.otp.assigned.val}
        lifetime %{session.otp.assigned.ttl}
        key example_otp_key