Manual Chapter :
Common Elements - OAuth client and
resource server
Applies To:
Show VersionsBIG-IP APM
- 15.0.1, 15.0.0
Common Elements - OAuth client and
resource server
- On the Main tab, click.APM supplies several preconfigured requests for these providers: AzureAD (Azure Active Directory), F5 (APM), Facebook, Google, Okta, and Ping (PingFederate from Ping Identity).
- On the Main tab, click.The OAuth Server screen opens.
- From theTypelist, to get OAuth authorization services from another BIG-IP system, retain the default selectionF5; otherwise select another type.If any providers of the selected type exist, theOAuth Providerfield displays one.
- From theOAuth Providerlist, retain the default selection or select another provider.
- From theDNS Resolverlist, select a DNS resolver (or click the plus (+) icon, create a DNS resolver, and then select it).
- If you have iRules to use, in theiRulessetting move them to theSelectedlist.For detailed information on iRules, see the F5 Networks DevCentral web site,devcentral.f5.com.
- In theToken Validation Intervalfield, type a number.If you configure a per-request policy subroutine to validate the token, the subroutine repeats at this interval, or the expiry time of the access token, whichever is shorter.
- In the Client Settings area, fill in these fields:You should have gotten a client ID and client secret when you registered APM as a client of the OAuth authorization server.
- In theClient IDfield, type or paste the client ID.
- In theClient Secretfield, type or paste the secret.
- From theClient's ServerSSL Profile Name, select a server SSL profile.
- In the Resource Server Settings area, fill in these fields.You should have gotten an ID and secret from the OAuth authorization server when you registered APM with it.Social account providers supply only client ID and client secret. For social account providers, use the client ID and client secret for the client and the resource server IDs and secrets.
- In theResource Server IDfield, type or paste the resource server ID (for an enterprise provider).For a social provider, type or paste the client ID instead.
- In theResource Server Secretfield, type or paste the resource server secret (for an enterprise provider).For a social provider, type or paste the client secret instead.
- From theResource Server's ServerSSL Profile Name, select a server SSL profile.
- ClickFinished.The server displays on the OAuth Servers screen.
The request displays in the list on
the screen.
Requests are available for selection
in the OAuth Client and OAuth Scope agents when you configure an access policy or a
per-request policy subroutine.