cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

APM - Creation of IdP and SP for SAML

joyride_us
Altostratus
Altostratus

Hi guys!

 

I am trying to configure IdP and SP on my BigIP. I have no idea about this.

I have answered the questions in the iApp/Application Services. I have answered all the questions but on the "Which SaaS application are you using?" I don't see my IdP as an option...just the Amazon and so on...pity!

Do you have any clue where and especially how I configure the whole thing for IdP/SA, SAML ?

 

thank you a million times!

9 REPLIES 9

Hi,

 

maybe you should take one step at a time. Are you aware of the roles of IdP and SP in SAML?

 

There are two parties involved in the process of SAML authentication, an identity provider (IdP) and a service provider (SP). IdP and SP mutually trust each other.

 

The IdP performs the authentication (very often against some kind of User Directory like LDAP) and passes the user's identity (as well as information about the users role, authorization, an so on) in the form of a SAML authentication token, to the SP.

 

The SP processes the token and gives the user access to the service, very often some kind of SaaS.

 

Which role should your BIG-IP take? The role of the IdP or the SP, both?

 

KR

Daniel

 

 

joyride_us
Altostratus
Altostratus

Both roles are relevant for BigIP. Thank you for paying attention, Daniel.

Ok, I guess you're going through Guided Config and you get stuck there, right?

Which BIG-IP version are you on? I will try go collect a couple of links to the appropriate documentation. I think to get a better understand and to use BIG-IP as SP und IdP a step-by-step guide might be a good starting point for you.

 

Meanwhile check the Youtube channels of devcentral and Matthieu Dierick, F5. There can find some videos to get you some rough idea.

 

joyride_us
Altostratus
Altostratus

LEt me see, I run the version : 13.1.3.4

joyride_us
Altostratus
Altostratus

And thanks!

So check this out, for 13.1.3 there are two manuals with step by step guides and flowcharts how to configure APM as IdP and SP. Just follow these links:

 

 

I hope that these can provide you the guidance you need.

joyride_us
Altostratus
Altostratus

Sure thing! Thanks!

Sajid
Cirrostratus
Cirrostratus

Few online F5 lab guides.

Lab 2: SAML Identity Provider (IdP) Lab¶

2. Lab 1: SAML Service Provider (SP) Lab¶

Lab 1: SAML Service Provider (SP) Lab¶

 

F5 APM Training as well having full chapter for SAML config (F5 as SP and IdP).

 

F5 Community Training & Labs

 

Thank you.