I have configured a VIP in F5 for the exchange in the customer premises. APM is providing the login page for the OWA users as now. Customer wants to integrate F5 with Azure to provide MFA for the OWA users. F5 will act as SAML-SP & Azure will act SAML-IDP. Azure is accessed using the cloud url
I have done the configuration using the url https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-sso-13-0-0/34.html#guid-7fc9aee2-12dc-465a-94d6-10a01ba6e783
I have few questions regarding the configuration.
How will the Azure inform the F5 that a particular user is authenticated.I am specifically looking what all information will be send by the Azure to the F5
When F5 receives the information from Azure about a successful authentication, how does the F5 ensure the client logs into Exchange without entering credentials. Does this require any SSO configuration. I would like to know how F5 inform MS-Exchange server, that a user is authenticated
In case the user fails to authenticate, which is the url the user falls back to, does the user gets exchange login page or does the user falls back to Azure authentication page
Thanks in advance