Manual Chapter :
Overview of Okta with OAuth, step-up authentication, and RADIUS
MFA
Applies To:
Show VersionsBIG-IP APM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9
Overview of Okta with OAuth, step-up authentication, and RADIUS
MFA
You can create a Zero Trust Identity Aware Proxy configuration using Okta and
OAuth, with RADIUS MFA. For this scenario, the Zero Trust proxies are Access Policy
Managers configured in
Client + Resource
Server
configurations. APM is configured as the Authentication Server.
RADIUS is used for multifactor authentication in a branch that requires more
authentication (for example, an /admin URL). In this scenario, the authentication server
uses the Zero Trust Step-Up Authentication feature to provide seamless access across
different apps.To create a configuration for Seamless Auth with Okta, OAuth, and RADIUS
MFA, you must complete the following steps.
- Create the Okta configuration
- Create an Okta OAuth provider
- Configure an OAuth client and resource server on APM
- Create an allow-all access policy and a per-request policy
- Create configuration objects in the per-request policy
- Assign the access policy and per-request policy to a virtual server