Use Edge Session for authentication on SAML IdP Virtual Server

Question

I'm running APM for different use cases. One use case is connecting mobile devices with Edge Client. They authenticate with user based certificates. On the same box, I have another APM access profile running that does SAML authentication and provides an IDP service. I now want that Edge Client connected users don't need to authenticate a second time, meaning that the SAML IDP access profile leverages the authentication information we already received when authenticating the user with Edge Client.&nbsp;
Has anybody implemented a good approach for that?&nbsp;
Thanks in advance for your support.&nbsp;

daniel_w_ · Answer

I just found out that the SSO works, when Edge Client users and SAML IdP VS are in the same route domain. In my setup, the edge client users are directed to a customers route domain, the SAML IdP resides on another route domain for shared services.&nbsp;
Any ideas how to solve that without changing my route domain concept?&nbsp;

kunjan · Answer

Might be possible to create a layered VS on customer RD with pool member pointing to SAML IdP on it's RD, with strict isolation disabled.&nbsp;

Forum Discussion

Use Edge Session for authentication on SAML IdP Virtual Server

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

F5 Architecture Track Sessions - AppWorld 2026

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

MCP Session Affinity With F5 NGINX Plus

iControl REST Authentication Token Management

Doing mTLS Authentication per URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS