Forum Discussion

Nimbostratus

Jan 03, 2014

SAML SP post binding to IdP

Hey all, I am currently investigating the capabilities of integrating the BigIP as an SP with an external IdP (shibboleth). I am providing a login page on the BigIP with an access policy that falls b...

saml

Kevin_Stewart

Employee

Jan 04, 2014

Are these supposed to visible in the session variables so I can access and use them to authorize different users/groups for different resources?

If the APM SP is successfully consuming the IdP's assertion, then an access session will be established for the user that will contain, among many other values, the assertion attributes. To verify, perform a successful authentication and then run a report in APM to show the session variables of this latest test. You should see a whole section of session.saml.* variables. You can then use these values to make additional decisions in your visual policy.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SAML SP post binding to IdP

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

SSL Bridging and FQDN rewrite Policy

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

F5 BIG IP laboratory license

Related Content

Post-Quantum Cryptography: Building Resilience Against Tomorrow’s Threats

Post-Quantum Cryptography, OpenSSH, & s1ngularity supply chain attack

SAML - LTM in front of SP

SAML F5 SP - Microsoft Entra

Error post F5 upgrade

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS