Forum Discussion

Nimbostratus

Jan 03, 2014

SAML SP post binding to IdP

Hey all, I am currently investigating the capabilities of integrating the BigIP as an SP with an external IdP (shibboleth). I am providing a login page on the BigIP with an access policy that falls b...

saml

Kevin_Stewart

Employee

Jan 03, 2014

So in my APM policy I would remove the login page and make the SAML auth the first item in my policy then?

Yes. The SP will send the client a physical redirect (via 302 or auto-posted form) to the IdP for authentication. You could potentially subvert that redirect and force the client back to an APM VIP, and then POST those credentials to a remote IdP, but it would not be a trivial configuration.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SAML SP post binding to IdP

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

SSL Bridging and FQDN rewrite Policy

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

F5 BIG IP laboratory license

Related Content

Post-Quantum Cryptography: Building Resilience Against Tomorrow’s Threats

Post-Quantum Cryptography, OpenSSH, & s1ngularity supply chain attack

SAML - LTM in front of SP

SAML F5 SP - Microsoft Entra

Error post F5 upgrade

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS