Forum Discussion
PShakunthala
Apr 05, 2024Nimbostratus
Grant access to users from F5 APM based on okta user group
Hi Engineers, We are planning to migrate to F5 APM for remote access solution from pulse VPN. We have integrated F5 APM with okta for SSO and its working as per the plan. But We are unable to grant...
spalande
Nacreous
Have you tried using LDAP qurey feature that will query the LDAP server to get the group assignment and then based on that you can create different network access profiles using separate VPN pool.
PShakunthala
May 01, 2024Nimbostratus
Thanks spalande For your response. I was able to solve the problem by adding an expression in advanced resource assign tab.
expr {[mcget {session.saml.last.attr.name.http://schemas.microsoft.com/ws/2008/06/identity/claims/groups}]
contains "Õe66c3bf-e0ee-40d4-9649-2534647f2378"}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects