going beyond the F5 provided SAML AuthnRequest

Question

F5 implements the SAML 2.0 standard but that standard allows for many optional fields. is there a way to set such fields in for example the AuthnRequest?&nbsp;

kevin_stewart · Answer

Generally speaking, the configurable options are (only currently I hope) limited to what you can set in the profiles. That said, if 1) depending I suppose on the the optional fields you're considering, and 2) you don't care about signing or encrypting the AuthnRequest, you could layer the SP policy behind a VIP and iRule to tweak the outgoing request however you wanted. &nbsp;
Definitely doable.&nbsp;

boneyard · Answer

thanks Kevin, i pretty much expect this to be the case but always worth to double check.&nbsp;
if i got some time ill look into the layered approach, for now ill accept the situation.&nbsp;

Forum Discussion

going beyond the F5 provided SAML AuthnRequest

2 Replies

Recent Discussions

HTTP Header Rewrite - X-Forwarded-Proto

Ansible F5 imperative collection works with proxies, declarative collection doesn't

GSLB - Monitoring LTM VIP load balancing via iRule

Problems connecting to vpn after upgrading to ubuntu 24.04

How to Match Dynamic URI Segments in AS3

Related Content

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

Enable SAML Service Provider on F5 Distributed Cloud Application

F5 Terraform providers – Helping to implement Infrastructure as Code

Service Discovery and authentication options for Kubernetes providers (EKS, AKS, GCP)

F5 Distributed Cloud Services to Provide Unified Security Policy for Multi-cloud OpenShift Workloads