Forum Discussion
Daniel_Epperson
Apr 06, 2016Employee
-
APM can be SP or IDP, see https://f5.com/resources/white-papers/solving-substantiation-with-saml. Read the "BIG-IP APM as an Identity Provider" section carefully. I think that describes what you're looking for.
-
As I understand it, APM doesn't have to be the IDP. The solution is easier to describe with APM in front of everything as the SSO endpoint (and IDP). APM does support forms post authentication to your portal site, see https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-sso-config-11-2-0/3.html.