Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

APM Integration with Azure AD for MFA

jessperbaylon
Nimbostratus
Nimbostratus

‎11-Aug-2023 22:50

Hi All,

I have integrated my BIG-IP APM to Azure AD SAML Auth and the authetication to Azure AD works well. 
I have set the SAML Auth Force Authentication to Enable and everytime the user login to VPN it keeps on prompting for both Credential (Username and Password) and MS Authenticator PIN.

If I set the SAML Auth Force Authentication to Use AAA Server settings, the Azure Portal Appear to select the username without asking for MS Authenticator.

Is there a way to configure either on Azure AS or APM where in when user authenticate it will only prompt for MS Authenticator PIN and allows the Credential (Username and Password) to follow the AAA Server settings which Single Sign On to machine? 

This will help to improve the user experience to lessen the time frame when authenticating. 

Thanks in Advance. 

Labels:
0 Kudos
2 REPLIES 2

Nikoolayy1
MVP
MVP

‎13-Aug-2023 23:06

just for MFA maybe see https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension and use NPS server on-prem that will talk with the Azure AD and your F5 APM. Also you can test https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwor... but I have not done this myself.

0 Kudos

LiefZimmerman
Community Manager
Community Manager

‎21-Aug-2023 15:40

@jessperbaylon - If your post was solved it would be helpful to the community to select *Accept As Solution*.
This helps future readers find answers more quickly and confirms the efforts of those who helped.
Thanks for being part of our community.
Lief

0 Kudos
Copyright © 2023 Khoros, LLC