Manual Chapter : Overview of Okta with OAuth, step-up authentication, and RADIUS MFA

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9
Manual Chapter

Overview of Okta with OAuth, step-up authentication, and RADIUS MFA

You can create a Zero Trust Identity Aware Proxy configuration using Okta and OAuth, with RADIUS MFA. For this scenario, the Zero Trust proxies are Access Policy Managers configured in
Client + Resource Server
configurations. APM is configured as the Authentication Server. RADIUS is used for multifactor authentication in a branch that requires more authentication (for example, an /admin URL). In this scenario, the authentication server uses the Zero Trust Step-Up Authentication feature to provide seamless access across different apps.
To create a configuration for Seamless Auth with Okta, OAuth, and RADIUS MFA, you must complete the following steps.
  • Create the Okta configuration
  • Create an Okta OAuth provider
  • Configure an OAuth client and resource server on APM
  • Create an allow-all access policy and a per-request policy
  • Create configuration objects in the per-request policy
  • Assign the access policy and per-request policy to a virtual server