Manual Chapter : Adding a Variable Assign agent to collect the username in an OAuth MFA subroutine

Applies To:

Show Versions

BIG-IP APM

15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0

Adding a Variable Assign agent to collect the username in an OAuth MFA subroutine

You should have a per-request policy, and SAML authentication servers for authentication with and without MFA.

Create the subroutines to allow continuous checks and reauthenticate with RADIUS and MFA when the user goes to a specific URL.

From the Main tab, click

Access

Profiles / Policies

Per-Request Policies

Find the policy you want to edit, and in the Per-Request Policy column, click

Edit

In the per-request policy, click

Add New Subroutine

Name the subroutine for use with OAuth and MFA. For example,

radius_mfa_okta

Click

Save

Expand the subroutine, and click the plus to add a new item.

Click the

Assignment

tab, select

Variable Assign

, and click

Add Item

Click

Add new entry

On the left, select

Custom Variable

and type

subsession.logon.last.username

On the right, select

Session Variable

and type

last.subsession.logon.last.logonname

Click

Finished

Configure the remaining items for the subroutine.

Seamless OAuth with Okta and MFA

Creating a logon page for MFA in a subroutine

Assigning push and OTP variables for MFA in a subroutine

Subscriptions

Product Usage

Trials

Registration Keys

Downloads

Applies To:

BIG-IP APM

Adding a Variable Assign agent to collect the username in an OAuth MFA subroutine

Have a Question?

About F5

Education

F5 Sites

Support Tasks

Subscriptions

Product Usage

Trials

Registration Keys

Downloads

Applies To:

BIG-IP APM

Adding a Variable Assign agent to collect the username in an OAuth MFA subroutine

Have a Question?

Follow Us

About F5

Education

F5 Sites

Support Tasks