We are implementing Azure, and I was wondering if it was possible to configure the BIG-IP such that:
User authentication goes to a URL in which we've enabled federation (i.e., SAML) authentication.
Intune and device management requests bypass this URL and go to the Microsoft SSO URL, and then, after SSO, the device communicates directly with Azure.
I've looked into the network information for both Office 365 and Intune, and there's a lot of different endpoints available. It's almost like it would be too complex to manage, but I thought I would ask.