You want Modern Auth … for an app or client that’s stuck in the 2010s

Anyone involved with IT for a considerable time understands that change is inevitable and perpetual. Organizational requirements shift and adapt to emerging technology, security threats, and new me...
Published Oct 04, 2022
Version 1.0
Cybersecurity-Awareness-Month-2022
security
Scheff's avatar
Icon for Employee rankEmployee
🔐 Senior Solutions Architect | API Security Specialist | AI & Post-Quantum Strategist I help organizations make sense of complex security challenges — from securing modern API infrastructures to building zero trust architectures that scale. With deep expertise in F5 technologies, OAuth, and identity standards like FDX, I bridge the gap between technical execution and strategic innovation. Currently focused on: Leading AI security initiatives, including securing Large Language Models (LLMs) from emerging threats Evangelizing post-quantum cryptography (PQC) in real-world deployments Developing gamified Capture-the-Flag challenges to train engineers in offensive/defensive API tactics Advising on infrastructure transformation, security automation, and cloud-native rollouts Outside of work, I stay curious — whether it's road-tripping across North America with a trailer and a plan, writing an upcoming book on AI threat mitigation, or creating unforgettable RPG characters who cast spells with swords. Let’s talk security, strategy, or why your TLS handshake failed at 3 a.m.
View Profile
bowlermj's avatar
Icon for Employee rankEmployee
Joined March 01, 2022
View Profile
AlexS_yb's avatar
AlexS_yb
Icon for Cirrocumulus rankCirrocumulus
Dec 28, 2022

Hi

 

looks good, Question

The meat of the functionality is built within a PRP and an attached iRule.  The iRule is called throughout the PSP using an iRule PRP Event (ACCESS_PER_REQUEST_AGENT_EVENT) with specific IDs for the various spots in the policy.  The AgentId is scanned for a value, and the code associated with the proper ID is executed.

 

Can't find this code or the handle from the PSP or PRP to call the irule code.

Where do you validate the JWT and how do you create a APM session and login based upon a JWT