I have a request to set up an environment on our F5 as an IdP for ArcGIS Online:
"Our team has a handful of issues regarding using F5 BIG-IP and Access Policy Manager as an IDP configured with ArcGIS Online and Enterprise. Creating an environment will allow us to test and resolve issues with this specific implementation."
Per the requester, they just need a test environment configured for them to use for troubleshooting purposes and it does not need to be joined to AD. We only have the APM Limited module and have never utilized the F5 for this. I've read some of the documentation but it is still unclear to me how to go about this. What information do I need from the requester to move this forward?
Any assistance would be appreciated. Thanks!
from their website I can see that ArcGIS Online supports SP-initiated SAML logins and IDP-initiated SAML logins.
Your BIG-IP APM Limited supports SAML. See here for the limitations of APM Limited: K72971039: BIG-IP APM operations guide | Chapter 2: Licenses
There are two flavours of SSO with SAML, SP-initiated or IdP-initiated login. I guess your customer is aksing you to setup SP-initiated login. The login process for SP-initiated login would look as follows.
If this is the use case your customer is looking for, then the documentation for such setup you can find here: Manual Chapter : Using APM as a SAML IdP (no SSO portal)
The other use case is IdP initiated login, if you customer is looking for this, then this is the process:
And there is also a setup guide: Using APM as a SAML IdP (SSO portal)