F5 APM SAML

Question

Hi&nbsp;
I have got SAML federation working in APM (IdP initiated) however one of the requirements is to route everything through the APM Portal instead of redirecting the users to the end web-application.&nbsp;
Currently users go to APM, authenticate and click the corresponding link under webtop . APM generates the SAML assertion and then the user gets redirected to the web application, in our case AWS.&nbsp;
is it possible to have everything contained within APM URL and avoid any redirections ? I have read that perhaps Portal Access can do the job .&nbsp;
Many thanks !
J.&nbsp;

youssef1 · Answer

Hello,&nbsp;
First of you deploy a portal (Webtop) with "SAML Ressources", it will allow you to call your application from your Portal (IDP Initiated). So  now you want to manage this SAML ressources as Portal Access in order to hide you SAML App name behind Portal APM hostname.&nbsp;
I really do not think it's possible. I do not see technically how to do it natively.&nbsp;
Additional when your saml response will be send to your IDP the IDP will answer to App hostname and not Portal hostname it will be a confusion. More your Portal VPE will not consume ACS...&nbsp;
Why do you want to deploy this kind of archi?&nbsp;
Regards,&nbsp;

Forum Discussion

F5 APM SAML

1 Reply

Recent Discussions

ltm policy asm_auto_l7_policy

MAC address not showing up in LLDP packet

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Related Content

APM Cookbook: SAML IdP Chaining

APM Cookbook: AutoLaunch SAML Resources

APM as Saml IDP with many SP

SAML Konfiguration mit F5 APM

F5 BIG-IP Access Policy Manager (APM) - Idp integration - Cisco vManage