Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

SAML multiple auth context support

F5 Employee
F5 Employee

Hi everybody,


I would like to know if there is or it planned to support multiple auth context as IDP. Now it seems that APM only support one auth context (by default PasswordProtectedTransport).


The use case here is a SP where it is required priviledge scalation. For example the SP by default requires username and password authentication but if the user access /admin the it request certificate authentication.


This should be doable if APM fully supported SAML 2.0. By using forceauth (which it is actually ignored by APM) and taking in to account the context auth list provided in the authrequest coming from the SP somehow in the VPE we should be able to authenticate users accordingly.


My tests say that this is not supported/implemented in 13.0 but... it is planned to expand SAML functionalities as IDP.


Thanks in advance!




I am very much interested in this as well. Any update on this from F5 folks, please? Thank you.