How to configure AD credential passthrough with F5

It's quite likely a 301/302 redirect coming from your backend server. You could address that by adding some rewrite policies, or deal with it in your iRule.

You could add some logging to your iRule to see what the backend is returning:

when HTTP_RESPONSE {
  foreach aHeader [HTTP::header names] {
      log local0. "$aHeader: [HTTP::header value $aHeader]"
  }
}

Presumably it's sending a location header, which you could just modify with a string map.

HTTP::header replace Location [string map {something somethingelse} [HTTP::header Location]]