Forum Discussion
cmp19
Nimbostratus
NimbostratusF5 SAML IdP with Okta User Facing
Currently have F5 APM set up as a SAML IdP for ~10 SaaS providers. We also have an Okta environment set up with it's own SAML connections to other SaaS providers. We would like to start sending...
cmp19Nimbostratus
NimbostratusThanks for the response Dave,
If I'm understanding the example you linked, the end user would first connect to F5 which would then relay the authentication request to the IdP (in my case Okta) which would then reply with a "yes" to F5 which would then allow them into the resource they want. In my use case I would like a user to first connect to Okta who would then press a resource button (Salesforce, for example) which would use F5 to gain access to it's pre-existing SAML resources.
Okta has released a guide to run Okta as IDP and F5 as SP to access web resources behind the F5, however these resources are not SAML so I don't believe it would work the same way.
Dave_W
Employee
EmployeeHello, if I am following your environment correctly I think it would be like this, User>>OKTA as IdP>>APM as IdP>>Service. Hence the term IdP chaining.