Forum Discussion

Nimbostratus

Jan 09, 2025

EntraID + F5 as Oauth client/resource server not sending ID Token to app

Hello, Here is the basic setup. F5 is configured to use EntraID and is set up as the client+resource server. When a user logs into the web app via EntraID they are able to login just fine. Ho...

Nacreous

Jan 24, 2025

I am bit confused
When you talk about web app you are reffering to the actual web app server or to an APM policy
Cause if you want to consume oauth tokens on web app (pool member) you need to configure it as resource server too.
Otherwise it makes totally sense no to be able to validate the token

as for ./default scope it seems to be a special scope which should not be used in cases like this.
and yes it somehow don't need the jwt key to be validated

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

EntraID + F5 as Oauth client/resource server not sending ID Token to app

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

External Data Group Import Failing.

Can F5 restrict the file types transferred via FTP?

Dump all host running services during APM logon

NGINX event logs send to F5 Data Collection Device and analysis from BIG-IQ it possible or not?

Cannot ping external interface

Related Content

Select Between Multiple Network Access Resources with the Edge Client

The TCP Send Buffer, In-Depth

Send OTP via sendgrid(email) API

Select Between Multiple Network Access Resources with the Edge Client – Local DB Auth

Convert curl command to BIG-IP Monitor Send String

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS