Call External Webservice for second factor authentication

Question

Hello&nbsp;
We want to define an APM profile with two factor authentication.
First of all, there would be an AD Authentication. After that, the APM would call an external webservice passing the username and session ID as parameters. The webservice responds with a token. Then, the APM shows a second logon page asking the user to provide the token, so that the APM can check that both tokens match.&nbsp;
We're trying to call the webservice with an iRule. 
Is is possible to call a webservice with SSL from an iRule?&nbsp;

arie · Answer

If the token is provided based on the user's credentials the process you describe doesn't seem to meet the requirements for two-factor authentication as you'd be using the same factor twice.&nbsp;

seth_cooper · Answer

I would think this would be possible with an iRule and Sideband connections.  Have you made any further progress on this issue?&nbsp;
Maybe you could use HTTP Auth and use that to send the HTTP request to the OTP??&nbsp;
-Seth&nbsp;

Forum Discussion

Call External Webservice for second factor authentication

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Syslog server not visible in GUI

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

NTLM Authenticated Proxy External Monitor

External authentication for F5 users

iControl REST Authentication Token Management

Doing mTLS Authentication per URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS