F5 APM Single IdP for Multiple SP's (Redirect External VIP to Internal VS's)

Hello,

I suggest to define your IDP as internal VS also. Then, you configure a public VS targeting all others (SP and IDP) using your irule :

when HTTP_REQUEST {        
        switch [string tolower [HTTP::host]] {            
            "app1.domain.com*" { virtual app1.corp.domain.com }
            "app2.domain.com*" { virtual app2.corp.domain.com }
            "idp.domain.com*" { virtual idp.corp.domain.com }
            default { reject }

        }
    }

I suggest adding a wildcard at the end of the hostname because sometimnes you will have request targetint "app1.domain.com:443" for example.

You should also define a default behavior.