Yubikey Authentication Modes and Azure AD integration via the APM

Introduction The Yubikey ( https://www.yubico.com/) supports three major functions, authentication, signing and encryption. As far as authentication goes, it supports a list of the following mecha...
Published Oct 18, 2021
Version 1.0
authentication
azure ad
BIG-IP Access Policy Manager (APM)
Security
fredlubrano's avatar
fredlubrano
Icon for Cirrus rankCirrus
Oct 21, 2024

Hello, I believe this issue is resolved after reading the release notes for the EDGE client 7.2.5.

Windows Edge Client supports SAML Authentication using the default browser of the system

This feature uses the default browser of the system when authenticating users with SAML IDP. This feature will solve the current limitations of Edge Client, which uses IE technology-based Trident embedded browser for authentication. The Trident engine only supports ECMAScript version 5 and earlier. Users who use IDPs that include JavaScript versions later than ES5 were facing issues with earlier versions of Edge Client. This version of Edge Client resolves all such issues.

To enable this feature customers should load iRules and iFiles and map it to the Virtual servers for which Access profiles are configured. Once 725 Edgeclient is installed on windows need to set Windows registry key "UseExternalBrowserForAuth" with DWORD value 1 at location Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\F5 Networks\RemoteAccess

Note:

  • Users must raise a support ticket to get iFiles and iRules.
  • This feature requires modern customization to be configured in the access policy.

https://techdocs.f5.com/kb/en-us/products/big-ip_apm/releasenotes/related/relnote-edge-client-7-2-5.html