F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

kpoadips's avatar
kpoadips
Icon for Nimbostratus rankNimbostratus
Nov 24, 2020

F5 BIG-IP APM with SAML on simplesamlphp

I have configured the F5 BIG-IP for SAML authentication. My IDP is simplesamlphp. I have configured SAML SP Provider and External IDP connector and connected it to Virtual Server. On simplesamlphp I added an application by importing xml metadata from BIG-IP. Communication works, authentication passes, but finally BIG-IP reports to me on Virtual Server: 

Access was denied by the access policy. This may be due to a failure to meet access policy requirements.

In the apm log I have the information: 

/ Common / SAML_ACCESS_POLICY: Common: ff7ec2b7: SAML Agent: / Common / SAML_ACCESS_POLICY_act_saml_auth_ag failed to parse assertion, error: Response is not encrypted

I cannot log in to F5 BIG-IP APM.

BIG-IP Access Policy Manager (APM)
saml simplesamlphp
security

2 Replies

  • spalande's avatar
    spalande
    Icon for Nacreous rankNacreous
    Apr 04, 2021

    Please check if SAML encryption is enabled. It would expect to send the SAML assertion to be encrypted.