Forum Discussion

Nimbostratus

Mar 25, 2024

APM with EntraID as idP / request signed

Hi experts. I need your help to solve an issue. I'm configuring a new enviroment with BIG-IP version 15.1.8.2 Build 0.0.17 Point Release 2. I have the APM works fine with SSO using EntraID (Azure...

BIG-IP Access Policy Manager (APM)

Employee

Apr 04, 2024

From your description it sounds like you are the SP (you send MS the (signed) auth requests) and Microsoft is the IdP (they send back an auth assertion (that should always be signed)). When your BIG-IP is acting as a SAML SP, it uses the "IdP Connector" object to logically connect your local SP service to the remote IdP service. The GUI tries to use simple language to describe the purpose of the setting, "Authentication Request sent by this device to IdP", but SAML has a lot of different settings that can be confusing.

Here's a screenshot of the GUI for that one:

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM with EntraID as idP / request signed

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Terraform AS3 code for GTM Only.

BIG-IP device fails to install node-inspector

WAF Block Request

AST Configuration Assistance

F5 HA deployment in Azure using Azure Load Balancer

Related Content

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

AS3 signed rpms

APM Cookbook: Single Sign On (SSO) using Kerberos

POC: Create and sign a JWT with iRule

Logging DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS