Manual Chapter :
Adding a Variable Assign agent to collect the username in an OAuth MFA
subroutine
Applies To:
Show VersionsBIG-IP APM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9
Adding a Variable Assign agent to collect the username in an OAuth MFA
subroutine
You should have a per-request policy, and SAML
authentication servers for authentication with and without MFA.
Create the subroutines to allow continuous checks and
reauthenticate with RADIUS and MFA when the user goes to a specific URL.
- From the Main tab, click.
- Find the policy you want to edit, and in the Per-Request Policy column, clickEdit.
- In the per-request policy, clickAdd New Subroutine.
- Name the subroutine for use with OAuth and MFA. For example,radius_mfa_okta.
- ClickSave.
- Expand the subroutine, and click the plus to add a new item.
- Click theAssignmenttab, selectVariable Assign, and clickAdd Item.
- ClickAdd new entry.
- On the left, selectCustom Variableand typesubsession.logon.last.username.
- On the right, selectSession Variableand typelast.subsession.logon.last.logonname.
- ClickFinished.
Configure the
remaining items for the subroutine.