Google authenticator - APM

Question

I set up the Google authenticator in our APM system.

I think the issue of QR Code is a bit cumbersome, I mean that one should set up a dedicated VS in favor of irule and the user should scan the QR and then the value string I need to put in some datagroup or as an attribute in AD.

Should it be done like Pulse Secure?
I mean the first time the user loging in he gets a page (I attached a picture) that he performs the QR scan independently and the pulse knows how to store it with him and manage the users.

Is this possible in APM?

petewhite · Answer

The issue with doing this on the BIG-IP is that you can't make control plane changes from the user plane ie a virtual server/iRule cannot update a datagroup directly ( or at least, not without some added complexity ). It would be possible to store it in a subtable or suchlike though, and provide an iRule which outputs the entries in an API manner, then use an iCall script to query the API and write the entries to the datagroup on a periodic basis.

Forum Discussion

Google authenticator - APM

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

APM Sharepoint authentication

not show barcode google authenticator mfa

AD Authentication and Local DB Authentication in APM

APM Sharepoint authentication v2

APM Clientless certificate authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS