Help
Technical Articles
F5 SMEs share good practice.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

momahdy
F5 Employee
F5 Employee

on ‎01-Aug-2023 05:00

In this Article we will go through a deployment approach where F5 BIG-IP Access Policy Manager (APM) front an application as Service Provider (SP) whether on cloud or on-premises,  while AzureAD acts as Identity Provider (IDP) to provide identity services, Conditional Access and other services.
 
In our case, there's an additional point we are using Kerberos for Single Sign-On (SSO). Such deployment can be observed in corporates moving to cloud and keeping internal Active Directory or other authentication mechanisms internal, so BIG-IP APM will be able to authenticate users with AzureAD and apply SSO at backend.
 

Configurations summary

  • Register Application at AzureAD.
  • Get the SSO elements from AzureAD.
  • Configure BIG-IP APM SP with the right parametes.
  • Configure BIG-IP APM Kerberos SSO.

mmahdy_2-1688540828366.png

 

Configurations details

 

Related contents

 

Version history
Last update:
‎16-Jul-2023 21:36
Updated by:
F5 Employee
Contributors
Copyright © 2023 Khoros, LLC