Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Dec 07, 2020

Use the email address registered in Active Directory for F5 BIG IP APM OTP authentication

I'm having trouble setting up the F5 BIG-IP APM

I would like to use the OTP authentication function that F5 BIG-IP APM has as standard.

I want to send the OTP to the email address of the mobile phone registered in Active Directory.

Has anyone ever made such a setting?

please give me your wisdom.

Best regards

application delivery

BIG-IP Access Policy Manager (APM)

Dario_Garrido
MVP
Dec 07, 2020
Hello Keigo.
Which DB do you expect to find your email address?

Usually, people stores email and phone information in the AD and APM can get both using a LDAP query.

VPE policy should look like this:
- LDAP query to get email
- Generate OTP code
- Send an email with the previous code
- Use a logon page to ask for that code
- Verify the code

Regards,
Dario.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming