Forum Discussion
5 Replies
- Dan_73594Historic F5 Account
Hi there - I am having a hard time understanding what you want to accomplish. I'm assuming the internally developed authentication product with SAML support is an IdP, correct? O365 would be a SP, what service would APM be providing?
Dan
- Attenborough_31Nimbostratus
It is an identity provider. I have been asked to use F5 APM but authenticate using their product with F5 providing the access.
- Dan_73594Historic F5 Account
Hi there - Let me ask like this: From which IdP would each SP (APM and O365) consume assertions from? Are you saying that APM consumes an assertion from the internally developed IdP and O365 consumes an assertion from APM (APM as IdP and SP)?
- Attenborough_31Nimbostratus
That is the specification I have been given, yes. Essentially the internally developed IdP has greater flexibility in authN methods and biometrics and it presents a good use case for their product so the internally developed IdP would assert towards APM and APM asserts towards O365. Or at least that's been my understanding of how such a system would work.
- Dan_73594Historic F5 Account
Hi There - This article from Cody Green about IdP chaining is a great example and should fit your requirements.
Dan