OAuth SSO
Hi All,
we'd like to secure the access to a backend portal with OAuth (F5 Authorization Server and F5 Client/Ressource Server).
We aleady configured 2 Virtual Servers and 2 Access Profiles
- access profile 1 for the backend application (OAuth Client and Scope Agents)
- access profile 2 for the OAuth AS (Logon Page, LDAP Auth and OAuth AS Agent)
The login and the OAuth (OIDC) works with the backend via id_token.
Idea was to ask the user ONCE for his LDAP Credentials and then authorize the user in subsequent authorization requests from client applications WITHOUT asking for entering his credentials again.
What we see in the session logs is, that the authorization server session always ends with "session deleted (oauth_finished)" once the authorization request has successfully ended, hence the users LDAP information is destroyed together with the "session deleted"
Is it possible to get some kind of SSO so that the users credentials is stored in the client for subsequent authorization requests and that the logon page can make use those credentials without prompting the user to login manually again?
Thanks
Steffen