mobile
4 TopicsAuthenticate user of native mobile app with OpenId Connect
Does F5 Big IP Access Manager support mobile apps authenticating over OpenId Connect with custom URI redirect_uri? Our native mobile app (iOS and Android) authenticates the user using the Authorization Code Grant flow. How it Works. Our redirect_uri (ie callback uri) is: com.mckesson.wfm.ansos2go://signin We are a software vendor in the Healthcare domain. Our customer who uses F5 Big IP says that this URI is considered invalid by F5 when configuring the OpenId Connect Service Provider. Is that true? If so, how do native mobile app developers perform OIDC authentication with F5? Thanks, Scott UPDATE: I got word from my customer that they set up a rewrite policy, so they could enter the redirect_uri as https:/com.mckesson.wfm.ansos2go://signin. Then, they strip off the https:// in the response to the initial 'authorize' call. This is NUTS! Why does F5 Big IP Access Manager require redirect_uri to be https://...? This totally breaks the OpenId Connect specification which says "The Redirection URI MAY use an alternate scheme, such as one that is intended to identify a callback into a native application." https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint765Views3likes0Commentsapm_mobile css file not used on in app browsers
Hey everyone, The company I'm working at has multiple apps rolled out that use a SAML Authentication with our F5 being the IDP. In these apps the login page is styled with the normal browser css (apm_full.css) file and not the mobile css file (apm_mobile.css). If I open the authentication site from the phone browser the correct mobile css file is used. My question now what is metric f5 looks at to decide if the mobile css file needs to be used or the normal css file ? Is it possible to force the mobile css somehow ? Thanks, Andreas442Views0likes6CommentsApache to F5 Configuration
Hi everyone, We are having trouble with our F5 Configuration.Here is the scenario: We are using Mobile application (from playstore) to access the server. It uses standard VS with port 443 and performing SSL offloading. Configuration is based from the Apache Server which is currently on production and no error. Single server is used to access using Web and Mobile Application, only uses different ports.Here is the config: ProxyPass /fo connectiontimeout=60 timeout=600 ProxyPassReverse / timeout=600 ProxyPass /mob connectiontimeout=60 timeout=600 ProxyPassReverse /mob timeout=600 Looking at the firewall, no other port being used by the client when accessing using application. we captured some pcap, based on it, F5 can receive the traffic and can exchange SSL. However, we cannot see that F5 is sending the traffic to the server.It seems that there is configuration error with the virtual server. We tried changing the type to Performance L4 but SSL-offloading is removed. we also changed the protocol to All protocol, but still, SSL-offloading is removed. Is there a way to have All protocol type of VS but with SSL-offloading? If this can be done via irule. If not, does anyone experienced the same problem (using mobile application passing thru F5). Thank you all for the response.399Views0likes1Comment