F5/Azure AD specify access to Applications

Question

HI All&nbsp;I have users that are stored in Azure AD.  We are using Azure AD for MFA.  Users belong to Conditional Access Policies.  How can I limit Users in Azure AD to only specific apps through F5?  &nbsp;I.e, 10 applications are exposed to users through F5, I wish certain users to have access to only certain applications.  &nbsp;This article https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/kerbf5-tutorial makes it seem like I need to do development.&nbsp;I see an article on how to do it for roles here https://blog.azureinfra.com/2020/07/06/f5-azure-ad-role-assignments-to-header-based-apps/  Could I do the same logic work with the Applications in the Conditional Access Policies?&nbsp;

petewhite · Answer

There are a number of ways to do this - you can put APM in front of the apps, do SAML SSO via Azure ADFS and leave it to perform the access restrictions, or you can do the checking on the APM.

Forum Discussion

F5/Azure AD specify access to Applications

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 NGINXaaS for Azure: Monitoring and Metrics

Public Cloud Simplified with F5 NGINXaaS for Azure

Deploying F5’s Web Application Firewall in Microsoft Azure Security Center

Leverage F5 BIG-IP APM and Azure AD Conditional Access Easy button

Securing your applications with F5 Virtual Editions in Microsoft Azure

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS