Manual Chapter : Creating an external IdP connector for MFA with Azure AD

Applies To:

BIG-IP APM

  • 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0

Locate the metadata you exported from Azure AD for the non-gallery application you created for multifactor authentication. You will use this metadata to create the external IdP on the BIG-IP.
You create an external IdP to allow BIG-IP to work as a Service Provider with Azure AD as the Identity Provider.
  1. On the Main tab, click Access > Federation > SAML Service Provider > External IdP Connectors.
  2. Click the arrow next to Create, then select From Metadata.
  3. Click Browse and select the metadata file you exported from Azure AD for the application with MFA.
  4. Type a Name for the Identity Provider.
  5. Click OK.
Next, create local SAML Service Providers (SPs) for the main authentication and multifactor authentication.