cancel
Showing results for 
Search instead for 
Did you mean: 

Use the email address registered in Active Directory for F5 BIG IP APM OTP authentication

Keigo
Nimbostratus
Nimbostratus

I'm having trouble setting up the F5 BIG-IP APM

 

I would like to use the OTP authentication function that F5 BIG-IP APM has as standard.

 

I want to send the OTP to the email address of the mobile phone registered in Active Directory.

 

Has anyone ever made such a setting?

 

please give me your wisdom.

 

Best regards

1 REPLY 1

Hello Keigo.

Which DB do you expect to find your email address?

Usually, people stores email and phone information in the AD and APM can get both using a LDAP query.

VPE policy should look like this:

- LDAP query to get email

- Generate OTP code

- Send an email with the previous code

- Use a logon page to ask for that code

- Verify the code

Regards,

Dario.

Regards,
Dario.