How do I pass username from F5 APM SP to RSA idP
I have the following Access Policy on our F5 APM:
- User connects to the F5 APM which is configured as the SAML SP.
- F5 APM authenticates the user against the local AD.
- If AD Auth is successful, it does a SAML redirect to the external RSA cloud IdP for additional token authentication. The RSA idP prompts for the Active Directory user name and password again from the user (it has access to the same AD as the F5 SP).
- Then does additional SMS token authentication for the user.
I need to pass the username that was entered at the F5 Logon page (SP) to the RSA idP so that the end user does not have to re-enter their AD credentials for the additional token authentication at the idP. In other words, cut out step 3 above.
I can see from the SAML tracer that when the F5 (SP) redirects the user session to the idP, it is not sending any username by default. How do I get the F5 (SP) to send the username to the RSA idP?
Any help would be much appreciated.
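
To confirm the SAML tracer observation above outside the browser, the following added example (not part of the original post, and not F5 or RSA code) decodes a captured HTTP-Redirect `SAMLRequest` and reports whether the AuthnRequest carries a user name. It assumes the user name would travel as the optional `<saml:Subject>`/`<saml:NameID>` element that SAML 2.0 permits in an AuthnRequest; whether F5 APM sends it or the RSA IdP honours it is not stated on this page, and the sample requests, hosts and user name are constructed.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse, parse_qs, quote

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def decode_redirect_request(url):
    """Return the AuthnRequest XML carried by an HTTP-Redirect binding URL."""
    b64 = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    # The Redirect binding uses raw DEFLATE (no zlib header), hence wbits=-15.
    return zlib.decompress(base64.b64decode(b64), -15).decode("utf-8")

def requested_subject(xml_text):
    """Return the NameID under <saml:Subject> of an AuthnRequest, or None."""
    # ElementTree is fine for a capture of your own session; use defusedxml
    # when parsing XML from an untrusted source.
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}AuthnRequest" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 AuthnRequest")
    name_id = root.find("saml:Subject/saml:NameID", NS)
    return name_id.text.strip() if name_id is not None and name_id.text else None

def build_redirect_url(xml_text, idp_url):
    """Encode a constructed AuthnRequest the way an SP would for the redirect."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = c.compress(xml_text.encode("utf-8")) + c.flush()
    return idp_url + "?SAMLRequest=" + quote(base64.b64encode(deflated), safe="")

# Constructed sample requests; IDs, hosts and the user name are placeholders.
TEMPLATE = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" '
    'Version="2.0" IssueInstant="2024-01-01T00:00:00Z">'
    '<saml:Issuer>https://sp.example.test</saml:Issuer>%s</samlp:AuthnRequest>'
)
WITHOUT_SUBJECT = TEMPLATE % ""
WITH_SUBJECT = TEMPLATE % (
    "<saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>")

if __name__ == "__main__":
    for label, xml_text in (("no subject", WITHOUT_SUBJECT), ("subject", WITH_SUBJECT)):
        url = build_redirect_url(xml_text, "https://idp.example.test/sso")
        print(label, "->", requested_subject(decode_redirect_request(url)))
```

Paste the redirect URL recorded by the tracer into `decode_redirect_request` to run the same check on a real capture; a request sent with the HTTP-POST binding is base64 only and skips the DEFLATE step.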