Forum Discussion

Cirrocumulus

Jan 31, 2023

Per Request access policy with OAuth Client Subroutine

I have a per request policy with a URI that is protected with a OAuth Client Typically this works by using 302 redirect either to /my.policy and then 302 to the OAuth server to get a new token My p...

APM SSO OAuth

devops

Juergen_Mang
Jan 31, 2023
You can replace the 302 with 401 in the HTTP_RESPONSE_RELEASE event.

Don't forget to set:

ACCESS::restrict_irule_events disable

Juergen_Mang

MVP

Have you tried the clientless mode?

when HTTP_REQUEST {
    HTTP::header insert "clientless-mode" 1
}

AlexS_yb

Cirrocumulus

Jan 31, 2023

I believe that will stop the 302 to /my.policy

but will it stop the 302 to the oauth server to get a new / or renew a OAuth access token ?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Per Request access policy with OAuth Client Subroutine

Recent Discussions

NAT for specific IPs

VIP needed for many UDP ports

remove ssh after gtm_add/bigip_add/big3d_add ?

What will be happen to live and existing connections when failover HA BIG IP active-standby

Creating Policy using Terraform

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

ASM Too many concurrent long requests

Harnessing the power of F5 BIG-IP Access Policy Manager (APM) and Microsoft

Validating JWT in per-request policy - subsession

Per-Request subroutine loop setup?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS