NimbostratusDoes anyone know or has anyone connected PingFederate directly to the APM Login page? Is this possible? I have done the F5 APM SAML setup and that works fine. Passes directly to Ping login page without any issues.
Thanks
EmployeeHi hutchinsonm,
PingFederate integration into the APM login page is not supported. The method that you already have working is the supported configuration for PingFederate. APM will always redirect to the Ping login page for authentication in the SAML flow.
MVPF5 has the option to be PingAccess agent/gateway with a Ping profile without the use of SAML. I suggest seeing links below. Still this is not a direct integration with the APM login page but is more native way than the SAML one and when you have Ping you do not also need the F5 to also know the user password so it is better this way.
https://www.f5.com/pdf/deployment-guides/BIG-IP-APM-PingIdentity-dp.pdf
MVPI read recently about OAUTH and for what you want you can try OAUTH not SAML or the Ping profile on F5 . OAUTH allows the F5 as OAUTH client/resource server to get the user and pass and exchange them with the ping federate server for access token to allow the user and the access token will allow f5 to get info on the user groups etc. https://support.f5.com/csp/article/K42333110. If this help, please mark the discussion as solved.