F5 APM Access Policy using Azure MFA via SAML
Hi,
I have been looking through some previous questions relating to integrating Azure MFA into an existing F5 APM policy.
We currently use AAA Radius Server On-Prem in our APM policy that takes the OTP variable at the login page and validates against the AAA Radius Servers.
I would like to replace this Radius Auth component with Azure MFA to provide the OTP using SAML to perform this part of the Authentication Process. I assume this would follow the following Login pattern:
Users log in with AD username and Password. The SAML process is then triggered with AD information to generate an SMS text message to the user, and a page is displayed asking for the code.
Once the code is entered and is valid, the Access Policy flow can continue on as per our current configuration.
I have looked at the following link that describes this but this example is using On-Prem MFA Servers and not using SAML to perform this. https://devcentral.f5.com/articles/heres-how-i-did-it-integrating-azure-mfa-with-the-big-ip-19634
Just wondering if anyone out there has done similar to what I need to do and could share how they did it?
I'm not all that familiar with SAML yet either, but I understand the basic principles of how this works.
Many thanks in advance