BIG-IP APM can provide IdM(LDAP) connection. And can also act as an SAML IdP like Using APM as a SAML IdP SSO portal.
Also there is an example as Configuration Example: BIG-IP APM as SAML IdP for Amazon Web Services.
We want to use a centralized IdM service for application like Jira. We can comparing with F5 BIG-IP ARM, Keycloak and Jira's SAML SP Plugin service to make them together.
Maybe it's possible:
So which one is the best solution?