Forum Discussion
jessperbaylon
Nimbostratus
NimbostratusAPM Integration with Azure AD for MFA
Hi All,
I have integrated my BIG-IP APM to Azure AD SAML Auth and the authetication to Azure AD works well.
I have set the SAML Auth Force Authentication to Enable and everytime the user login to VPN it keeps on prompting for both Credential (Username and Password) and MS Authenticator PIN.
If I set the SAML Auth Force Authentication to Use AAA Server settings, the Azure Portal Appear to select the username without asking for MS Authenticator.
Is there a way to configure either on Azure AS or APM where in when user authenticate it will only prompt for MS Authenticator PIN and allows the Credential (Username and Password) to follow the AAA Server settings which Single Sign On to machine?
This will help to improve the user experience to lessen the time frame when authenticating.
Thanks in Advance.
- Nikoolayy1
MVP
just for MFA maybe see https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension and use NPS server on-prem that will talk with the Azure AD and your F5 APM. Also you can test https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-phone but I have not done this myself.
- LiefZimmerman
Admin
jessperbaylon - If your post was solved it would be helpful to the community to select *Accept As Solution*.
This helps future readers find answers more quickly and confirms the efforts of those who helped.
Thanks for being part of our community.
Lief
