[APM] OIDC Session Management

Question

Hi!&nbsp;
I'm trying to configure BIGIP as OpenID Connect Provider with APM v14.1.&nbsp;
Authentication works well but I wonder if v14.1 is implementing OIDC Session Management too.&nbsp;
I cannot find any end_session_endpoint or check_session_iframe endpoints in my .well-known/openid-configuration json file.&nbsp;
Maybe there is some feature to activate but I can't find it. Or maybe is it planned for v15?&nbsp;
If not, it's not possible to provide SSO/SLO, am I right?
&nbsp;&nbsp;
Then , I wonder if it's possible to provide Dynamic Client Registration ? I can't find any register endpoint as well.&nbsp;
Thank you for your help!&nbsp;
regards&nbsp;
Benjamin&nbsp;

ton_van_oostvee · Answer

Same question here. We also have configured an OpenID Authorization server / IdP with 14.1.

We are looking for a way to define the well know OpenID Connect _required_ "end_session_endpoint" , see par. 2.1 on:

https://openid.net/specs/openid-connect-session-1_0.html

How to do this?

tomáš71 · Answer

I have the same problem with APM v17.1 I cannot find any end_session_endpoint in my .well-known/openid-configuration json file. Please advise how to implement RP-Initiated Logout.

Best regards,

Tom

mebbels · Answer

Did anyone find if F5 supports&nbsp;end_session_endpoint?

Forum Discussion

[APM] OIDC Session Management

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Ending an APM session when browser tab is closed

Minimizing Security Complexity: Managing Distributed WAF Policies

Re: Management Certificate

Harnessing the power of F5 BIG-IP Access Policy Manager (APM) and Microsoft

Integrate APM Sessions with AD Account Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS