Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

F5 edge client with OIDC and yubikey

awan_m
Cirrus
Cirrus

Hi All 

i am implementing oAuth with OIDC - it is woking fine when logging on through the browser but failing when trying edgeclinet - i have configured oAuth setting on the connectivity profile but it is stil failing .

my oAuth provider is Forgerock .

any suggestions?

Thanks 

7 REPLIES 7

Leslie_Hubertus
Community Manager
Community Manager

Hey @awan_m - FYI I've asked a teammate to come help answer your question if nobody else drops some knowledge here soon. 

awan_m
Cirrus
Cirrus

Thanks - in my case - i have setup 0Auth with - openID - and it works fine in the browser , meaning yubi key works fine when authenticating through browser - but it fails when i try with Edge clinet - can someone help in that regard

thanks  

Matt_Dierick
F5 Employee
F5 Employee

Hi buddy, you have to configure the Edge Client as an OIDC client. I built and posted a video explaining the steps in my Youtube channel : https://youtu.be/-LCilU-UrYU

Hope this help

Matt

thanks for this - my authentication provider is forgerock and oAuth with openid is working -

the problem is the Edge client - as you showed in your video it should open the browser and authenticate and VPN should establish - and that happens - but it also opens its embidded browser where yubikey fails.

Question how do i configure it in a way where iy does not open the embidded browser?embeddedembedded

If the embedded browser opens, it means OIDC edge client config is wrong. It should open a real browser window.

Check your edge client config.

Hi - couple of questions 

1 - under - 

i have configured it as a client - with client ID and secret 
2 - and in visual policy editot - i have used oAuth client - instead of oAuth Scope
and all of this works fine when i use the browser - but the edge client has issues 
 
what do i need to do 
do i need to configure 0Auth server entity as resource - 
and then use 0Auth Scope in visual policy editor?
and my OAuth server is Forgerock
Thanks 

Hi i watched the video multiple times and tries to set it up as recommended in the video.

couple of questions

what should i put in the following in oAuth setting - for edge client

Complete Redirection URI: -- 

secondly - if i leave that blank - the edge client keeps going to login page - and login process