Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Request and validate OAuth / OIDC tokens with APM

BIG-IP APM is able to request and validate OAuth2.0 and OpenID Connect tokens. It can act as Client, Resource Server and Authorization Server. In this article, I cover the use cases where APM acts as...
Published May 06, 2019
Version 1.0
BIG-IP Access Policy Manager (APM)
oauth
oauth 2.0
oidc
security
Matt_Dierick's avatar
Icon for Employee rankEmployee
Security Solution Architect for F5 Networks since 2012. Focusing on Application Access and API Security. You can find more how-to on my YouTube channel : https://goo.gl/eErp51
View Profile
Manideep's avatar
Manideep
Icon for Nimbostratus rankNimbostratus
May 24, 2023

Hi Mattieu, Thanks for this article, I have followed and configured the same for my F5 APM. But the issue is our F5 APM is able get the auth code from auth server but during the exchange for access token we are getting error as 'HTTP error 503, DNS lookup failed', checked few articles and even dns resolver settings are fine. 

Any idea, where could be the issue?