Forum Discussion
SAML APM with Office 365
In order to federate users using APM, you actually need to have your own Active Directory environment and set up Azure AD Connect there to replicate your users to Azure AD, and only then can you set up federation. From your description above, it does not sound like you have your own Active Directory environment running....
Thanks Michael. Indeed, I created my AD with my domain and installed AD Connect, so that my Azure AD is constantly synced with my local AD. I could also log into O365 from the MSFT login page. I did not configure the ADFS role.
Then, I configured the iApp, where I put as Entity ID
I connect to my VIP, which authenticates me to my local AD and presents the webtop with the link to O365. Once I click on that, I am redirected to the O365 page but with an error:
Additional technical information:
Correlation ID: 90070909-f329-493f-875c-03a0a164ac91
Timestamp: 2017-01-06 21:33:33Z
AADSTS50107: Requested federation realm object '._mydomain_/idp/f5/' does not exist.
So I have these simple questions (sorry, probably too simple):
1) Shall I configure in the iApp ._mydomain_/idp/f5/ as Entity ID?
2) If I leave default.crt/.key as certificates, will it work, or do I need to explicitly create a self-signed cert to send the assertions?
3) For Office 365 I understand I don't need to export any metadata as it is already included in the iApp, right? If I wanted to, where do I export it from?
4) Do I need to configure Federation on the Azure Portal? I saw some PowerShell command on DevCentral but I am not sure why and where I should enter that.
The logs say:
Jan 6 13:38:36 2funky notice apmd[6217]: 01490102:5: /Common/xx.app/xx:Common:7c042dd4: Access policy result: Full
Jan 6 13:38:47 2funky notice tmm[11331]: 014d0002:5: 7c042dd4: SSOv2 BIG-IP as IdP (/Common/xx.app/xx_O365_saml_sso) sent SAML Response (size: 6572) to SP (/Common/saml_office365)