APM Cookbook: Two-Factor Authentication using YubiKey OTP with iRulesLX.

  Introduction It’s been a number of years since I penned my first DC article: Two-Factor Authentication using YubiKey, YubiCloud and APM. A lot has changed over the years, BIG-IP versions and ...
Published Feb 07, 2017
Version 1.0
2fa
application delivery
BIG-IP Access Policy Manager (APM)
cookbook
iRulesLX
security
yubikey
Moonlit's avatar
Moonlit
Icon for Cirrus rankCirrus
Aug 10, 2018

Hi Peter,

 

I got a FIDO2 capable "Security Key by Yubikey" today, and I'm wondering if it's possible to do first-step authentication of users via FIDO2/Webauthn. Does APM support this?

 

I envision being able to log on to e.g. the F5 Access VPN app just by touching an NFC-enabled key to my mobile phone, and authenticating WITHOUT typing in a username by simply using a FIDO2/CTAP2-enabled token to sign whatever the APM portal wants me to sign.

 

Not sure if it's relevant to this script, so I'll create a support case if I need to, but you seem like the right guy to answer this :)

 

Sincerely,

 

Dag, F5 customer