Configure APM for OAuth 2.0 and Active Directory authentication

APM can be OAuth 2.0 authorization server at least since sw version 13. OpenId Connect Client and Resource server roles were supported in sw 13.1. I have used the functionality a couple of times with AD and also chaining to SAML federation.

OpenID Connect authorization server (OIDC Provider) support came with the recent sw version 14.0, which I haven't had time to look at yet.

There is documentation in AskF5, but I'm still trying to find it for the OIDC Provider (authorization server) part, though. One has to have understanding of how OAuth 2.0/OIDC flows work as the documentation is note very clear for a beginner. There are quite a few things to configure and a lot of new terminology. I learned it more or less by trial and error, and reading OIDC tutorials, so a lab to test helps.

See (v14 documentation):

https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/big-ip-access-policy-manager-authentication-and-single-sign-on-14-0-0/38.htmlguid-be8761c9-5e2f-4ad8-b829-871c7feb2a20