Forum Discussion

Cirrus

Oct 28, 2020

Token based ACL in header

Is it possible to configure below on LTMs? Implement token based ACL in header (which web server/LB checks before allowing access to websites). This token needs to be valid for a very short time an...

MVP

Oct 29, 2020

sure, shouldn't be that hard. BIG-IP can check the header for sure. it can check if the token is allowed in table and once it is used start a timer.

main thing is how to determine which tokens are valid and how the users get them. if you want to automate that things become more tricky, but it probably can be build.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Token based ACL in header

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Questions on R-Series 5800s

iRule Approach to Mask Authorization Header for Bot Defense Logging – Validation Needed

Cloud Apps Protection

ASM/AWAF declarative policy

Related Content

AI Token Limit Enforcement

Demystifying iControl REST Part 6: Token-Based Authentication

iControl REST Authentication Token Management

JSON Web Token (JWT) Parser

Rate Limiting based on ACCESS TOKEN (OAuth 2.0)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS