SAML multiple auth context support

Question

Hi everybody,&nbsp;
I would like to know if there is or it planned to support multiple auth context as IDP. Now it seems that  APM only support one auth context (by default PasswordProtectedTransport).&nbsp;
The use case here is a SP where it is required priviledge scalation. For example the SP by default requires username and password authentication but if the user access /admin the it request certificate authentication.&nbsp;
This should be doable if APM fully supported SAML 2.0. By using forceauth (which it is actually ignored by APM) and taking in to account the context auth list provided in the authrequest coming from the SP somehow in the VPE we should be able to authenticate users accordingly. &nbsp;
My tests say that this is not supported/implemented in 13.0 but... it is planned to expand SAML functionalities as IDP.&nbsp;
Thanks in advance!&nbsp;

juraj · Answer

I am very much interested in this as well. Any update on this from F5 folks, please? Thank you.

Forum Discussion

SAML multiple auth context support

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Multiple Ways to Configure Usage Reporting in NGINX

Cipher Suites Supported (12.1.5.3)

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud

Remove iRule From Multiple Virtual Servers (Fork /w multiple partition support)

f5 iHealth and Support

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS