Jason0
Jul 10, 2019

APM Request AWS AccessKey - assume-role-with-saml

I'm using APM as a SAML IdP for federation into the AWS console. It's IdP-initiated SAML, so users authenticate and land on a webtop where they select the AWS SAML resource. I'd like to expand this solution to allow federated users to get AWS access keys from the STS API via APM. To make this API call, I need to extract the base64-encoded SAML assertion and pass it inside the JSON payload.

 

I can extract the unsigned assertion from APM session variables, but I haven't found a way to sign it with an iRule. I've also tried to pull the SAML response being sent to the user but have been unsuccessful. Any suggestions would be appreciated.
