For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Somesh's avatar
Somesh
Icon for Nimbostratus rankNimbostratus
Oct 20, 2022

Does F5 BIG IP APM v17 supports entering Multiple Assertion Consumer Service URLs ?

Does F5 BIG IP APM v17 support entering Multiple Assertion Consumer Service URLs? If yes then please suggest where I can get the option. As I am not getting the option to enter multiple values here u...
cloud
devops
security
Mikayla_Dickinson's avatar
Mikayla_Dickinson
Icon for Employee rankEmployee
Oct 21, 2022

Hi Somesh,

ACS Indexing is not supported, however you can address this by binding multiple external IDPs to your local SP and setting a session variable after login to direct. Here is the info from the APM 17.0 

 

To bind multiple IdP connectors with this SP service, complete the configuration:

Select a connector from the SAML IdP Connectors list in the new row.

In the Matching Source field, select or type the name of a session variable.

Use a session variable only if it is populated in the policy before the SAML Auth action.

For example, select %{session.server.landinguri} or type %{session.logon.username}.

In the Matching Value field, type a value.

The value can include the asterisk (*) wild card.

For example, type *hibb* or south* .

Click the Update button.

The configuration is not saved until you click OK.

To add other IdP connectors, start by clicking Add New Row, fill the new row, and end by clicking Update.

Click OK.

APM saves the configuration. The screen closes


https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-access-policy-manager-saml-configuration/using-apm-as-a-saml-service-provider.html#GUID-77CBAC37-463A-44C7-99C5-E611482680C7