ADFS iApp branch with support for existing APM Access Policy

Problem this snippet solves:

ADFS iApp currently only allows you to create a new Access Policy. This branch allows you to use an existing Access Policy.

Attention: Michael Shimkus, please merge these (rather minor) changes into the official F5 release.

Note, I didn't know what the "/Common/rba" profile was for, so my code doesn't include it when adding an existing Access Policy. Please correct this if it's needed.

How to use this snippet:


  • Third APM option to the apm.use_apm, "existing"

  • Two new APM section options: apm.access_policy, apm.sso


  • Changed all apm.use_apm == "yes" logic to apm.use_apm != "no"

  • Modified configure_apm proc to handle apm.use_apm == "existing"

Code :

Tested this on version:

Published Dec 16, 2015
Version 1.0

Was this article helpful?

1 Comment

  • mikeshimkus_111's avatar
    Historic F5 Account
    Hi Sam, thanks for the input. We already have that on our list of new features for the AD FS iApp, although I don't have an ETA for you right now. Mike