Dec 07, 2020

Use the email address registered in Active Directory for F5 BIG-IP APM OTP authentication

I'm having trouble setting up the F5 BIG-IP APM.


I would like to use the OTP authentication function that F5 BIG-IP APM has as standard.


I want to send the OTP to the email address of the mobile phone registered in Active Directory.


Has anyone ever made such a setting?


Please give me your wisdom.


Best regards

  • Hello Keigo.

    Which DB do you expect to find your email address?

    Usually, people store email and phone information in the AD and APM can get both using an LDAP query.

    VPE policy should look like this:

    - LDAP query to get email

    - Generate OTP code

    - Send an email with the previous code

    - Use a logon page to ask for that code

    - Verify the code
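
The five policy steps listed in the reply above, modelled in Python as an added example (not part of the original thread and not F5 configuration). The directory contents, the lifetime, the attempt limit and the `OtpSession` name are assumptions made for illustration; the code is appended to an in-memory outbox instead of being sent over SMTP.

```python
import hmac
import secrets
import time

# Constructed stand-in for the directory: username -> attributes an LDAP query returns.
DIRECTORY = {
    "keigo": {"mail": "keigo@mobile.example"},
    "nomail": {},
}
OTP_TTL_SECONDS = 300  # assumed code lifetime
MAX_ATTEMPTS = 3       # assumed retry limit


class OtpSession:
    """Hypothetical model of one session walking the five policy steps."""

    def __init__(self, username, now=time.time, outbox=None):
        self.username = username
        self.now = now
        self.outbox = outbox if outbox is not None else []
        self.code = None
        self.expires = 0.0
        self.attempts = 0

    def start(self):
        # Step 1: look up the mail attribute; fail closed when it is missing.
        mail = DIRECTORY.get(self.username, {}).get("mail")
        if not mail:
            return False
        # Step 2: generate a 6-digit code from a CSPRNG and give it an expiry.
        self.code = f"{secrets.randbelow(10**6):06d}"
        self.expires = self.now() + OTP_TTL_SECONDS
        # Step 3: "send" the code to the address taken from the directory.
        self.outbox.append((mail, self.code))
        return True

    def verify(self, submitted):
        # Steps 4-5: check what the logon page collected against the stored code.
        if self.code is None or self.now() > self.expires:
            return False
        self.attempts += 1
        ok = hmac.compare_digest(submitted.encode(), self.code.encode())
        if ok or self.attempts >= MAX_ATTEMPTS:
            self.code = None  # single use: burn on success or when attempts run out
        return ok
```

The points worth carrying over to the real policy are the fail-closed branch when the directory returns no mail attribute, the expiry on the code, and the cap on verification attempts.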