SAML SP single-logout-binding

Question

Hello all,&nbsp;
using F5 APM 1.14.2.HF2 as IdP. &nbsp;
In the documentation it is stated for SLO only POST is supported (well, in some cases even for login, as the redirect signature is not correctly validated). So far good. The problem is, that some SP support only redirects for SLO and it is not possible to implement full SLO with such SP. We expect that redirect binding will be supported in some time in the future too (hopefully).&nbsp;
The question is - there are APM SSO configuration properties not available via GUI, e.g. saml-sp-connector single-logout-binding. I already thought that would solve our problem (even without signing the SLO messsage), but - we see no way to provide a value.&nbsp;
tmsh modify apm sso saml-sp-connector  single-logout-binding ... 
What are allowed values? Would it even solve anything?&nbsp;
Thank you all in advance &nbsp;
   Gabriel&nbsp;

manish_oberoi_1 · Answer

I have a similar issue with 11.5.3 - I want to service HTTP-Redirect for a SP however nothing seems to be available in the GUI. The idP metadata only seems to support HTTP-POST. &nbsp;
Were you able to find anything or able to service your requirements in an alt method? iRule? &nbsp;

Forum Discussion

SAML SP single-logout-binding

1 Reply

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

APM as Saml IDP with many SP

APM SAML IdP - SP Issuer Extraction

SAML: F5 as SP, Azure as IdP Problems with SLO

Enable SAML Service Provider on F5 Distributed Cloud Application

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)