Forum Discussion

Nimbostratus

Aug 15, 2017

SAML as server-side SSO

Hello, I'm looking to obtain more information about how to configure an app that is behind APM to use SAML. I believe the app behind the APM would be the SP, with the BIG-IP still performing IdP...

application delivery

BIG-IP Access Policy Manager (APM)

Yann_Desmarest

Cirrus

Aug 17, 2017

Hi Josh,

I'm not sure the SAML configuration works the way you want.

When you have a backend application configured as a SAML Service Provider, you have to define your bigip device as an IDP and establish the trust between each peer.

You have to configure the IDP object on the bigip device, import metadata form the SP to build the SP Connector and bind this SP connector to the IDP profile.

Then, you can assign the IDP profile to the SSO options of your Access profile used for F5 as IDP.

Hope it helps

Yann

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SAML as server-side SSO

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 mssql health monitor failing

F5 BIG IP laboratory license

How can I get started with iCall

Connection Rest f5

Related Content

Client-side vs Server-side Load Balancing

Mitigating OWASP Web Application Risk: Server Side Request Forgery (SSRF) using F5 BIG-IP

Client side to server side SNI relay iRule

Mitigating OWASP API Security Risk: Server-Side Request Forgery (SSRF) using F5 BIG-IP

SSL Heartbleed server side iRule

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS