APM SAML IdP for Office 365

Question

Hi,&nbsp;
I have followed the guide Configuring the BIG-IP APM as a SAML 2.0 Identity Provider for
Microsoft Office 365 and used the iApp to set this up so get this working.&nbsp;
We have a problem when trying to sign into 365, we get directed to the F5 login page and credentials are accepted. Then we get redirected back to Microsoft but get the following error:&nbsp;
requested federation realm object does not exist&nbsp;
Has anyone successfully managed to configure the F5 as an IdP for Office 365 or seen this error before?&nbsp;
From what I can see we are passing the correct assertion when I examine the SAML ticket.&nbsp;
Thanks&nbsp;

niels_van_sluis · Answer

Maybe a mismatch between the issuer that is set in o365 and the issuer as set as the Entity ID in the BIG-IP. They need to be an exact match. Most common mistake is to include the trailing slash in one place and not the other.

Verify the IssuerUri by entering this code into Azure PowerShell:

Get-MsolDomainFederationSettings -DomainName

Forum Discussion

APM SAML IdP for Office 365

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

F5 XC JWKS auto update

PCI Compliance and ASM

irule for redirect and header injection

What happens if I activate only ASM without provisioning LTM?

Implement load balancing solution with constraints

Related Content

Sharing User Credentials Between SAML IDP and SP Policies in F5 APM

Office 365 Tenant Restrictions

APM Cookbook: SAML IdP Chaining

SSL VPN Split Tunneling and Office 365

APM Cookbook: AutoLaunch SAML Resources

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS