Manual Chapter :
Defining an HTTP Connector Transport for Okta MFA
Applies To:
Show Versions
BIG-IP APM
- 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9
Defining an HTTP Connector Transport for Okta MFA
Okta MFA requires that you create an HTTP
Connector Transport to provide transport level parameters (such as an SSL profile and
DNS resolver), used for sending requests to Okta.
- On the Main tab, click .
- ClickCreate.
- Specify aNamefor the connector transport.
- Select aDNS Resolverthat the transport uses to resolve the server name specified in the HTTP Connector URL. Click+to create a new resolver.
- Select aServer SSL Profilethat the HTTP Connector Transport uses to encrypt communication for the HTTP Connector. Click+to create a Server SSL Profile, then select the profile.Okta MFA requires encrypted communication for the connection so the Server SSL Profile is required.F5 recommends that for theTrusted Certificate Authoritiesfield in the SSL profile that you do not use the defaultca-bundle.crt. Instead, create a smaller CRT bundle, which includes only the CA root certificates required by Okta. Refer to Okta documentation for details.
- Specify a limit for theMaximum Response Size, in bytes, that the HTTP Connector Request can receive. The Maximum Response Size limit is ignored if the Response Action in the associated HTTP Connector Request is set to.Ignore
- Specify theTimeoutin seconds for the HTTP Connector Transport connection.
- ClickSave.
The HTTP Connector
Transport is defined, and appears in the HTTP Connector Transport list. You will need to
select it when creating an Okta Connector.
