APM Configuration to Support Duo MFA using iRule
Overview
BIG-IP APM has supported Duo as an MFA provider for a long time with RADIUS-based integration. Recently, Duo has added support for Universal Prompt that uses Open ID Connect (OIDC) protoco...
Updated Nov 27, 2024
Version 7.0Hardeep_Kaur
Ret. Employee
Joined May 16, 2019
delv3chio
Employee
Joined May 20, 2019
Jerrod_Kimbler
Employee
Joined May 16, 2019
Lucas_Thompson
Employee
You need to make two edits to the iRule with your tenant information:
proc getClientId {
return "PUT YOUR TENANT'S CLIENT ID HERE"
}
proc getJwkName {
return "PUT THE BIG-IP OBJECT NAME FOR THE JWK HERE"
#e.g. return "/Common/duo_jwk"
}
JHDUKE
Sep 26, 2024Altostratus
Thanks for the response. I do have these already configured in the iRule. The warnings seem to be associated only with the 'proc' definitions..
- cjrnzNov 08, 2024Nimbostratus
I get the same warnings, still on version 15 here but in the throes of planning to move to 17 which is where I noticed the warnings. The script itself works fine.