Manual Chapter :
Adding a URL branching rule
Applies To:
Show Versions
BIG-IP APM
- 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
Adding a URL branching rule
You must have a per-request policy.
Add a URL branching rule to provide branching
for different URLs to allow different authentication methods.
- From the Main tab, click .
- Find the policy you want to edit, and in the Per-Request Policy column, clickEdit.
- Add a URL branching rule by clicking the plus symbol, then the Classification tab, then selecting URL Branching. ClickAdd Item.
- Click the Branch Rules tab.
- In theNamefield, type the name of the branch for MFA. For example,admin.
- Next toExpression: URL contains: domain.com, clickChange.
- In theURL containsfield, type the URL for users who are required to use MFA. For example,https://app.example.com/admin/*.Rules are evaluated in order, so specify the most specific rule first. In this example, we specify the<url>/admin/*rule first, because this URL requires MFA, and it is more specific than the next rule,<url>/*. If we specified the less specific rule first, all traffic would be sent to primary authentication, and MFA would not be used.
- ClickFinished.
- FromInsert Before, selectfallback, then clickAdd Branch Rule.
- In theNamefield, type the name of the branch that does not use MFA. For example,non-admin.
- Next toExpression: Emptyclickchange.
- ClickAdd Expression.
- FromCondition, selectSubstring.
- In theURL containsfield, type the URL to match for all other non-MFA traffic. For example,https://app.example.com/*.You are not required to usesubstringas the condition when specifying a URL. You can useequalsfor an exact match,prefixorsuffixfor prefix or suffix matching, orglobfor glob matching.
- ClickFinished.This is an example of the URL Branching access policy item configured to branch for MFA and non-MFA authentication.
