F5/Azure AD specify access to Applications

Question

HI All&nbsp;I have users that are stored in Azure AD.  We are using Azure AD for MFA.  Users belong to Conditional Access Policies.  How can I limit Users in Azure AD to only specific apps through F5?  &nbsp;I.e, 10 applications are exposed to users through F5, I wish certain users to have access to only certain applications.  &nbsp;This article https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/kerbf5-tutorial makes it seem like I need to do development.&nbsp;I see an article on how to do it for roles here https://blog.azureinfra.com/2020/07/06/f5-azure-ad-role-assignments-to-header-based-apps/  Could I do the same logic work with the Applications in the Conditional Access Policies?&nbsp;

petewhite · Answer

There are a number of ways to do this - you can put APM in front of the apps, do SAML SSO via Azure ADFS and leave it to perform the access restrictions, or you can do the checking on the APM.

Forum Discussion

F5/Azure AD specify access to Applications

1 Reply

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

Deploying F5 BIG-IP with Azure Cross-region load balancer

Re: F5 NGINX for Azure: Multi-Region Architecture

Integration of Azure Sentinel and F5 BIG-IP using TS and AS3

Re: Public Cloud Simplified with F5 NGINX for Azure

Leverage F5 BIG-IP APM and Azure AD Conditional Access Easy button