Manual Chapter : Checking for client information in a per-request policy

Applies To:

  • BIG-IP APM

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9

back-action Implementing Device Posture Checks

Updated Date: 04/30/2026

Checking for client information in a per-request policy

You should have a per-request policy attached to a virtual server. In addition, your virtual server must have an access profile attached, which can be a blank “allow-all” policy.

Add the Client Information check to a per-request policy to enable the policy to collect the client information specified by F5 Access Guard, and to use this information for client information checks in subroutines.

  1. From the Main tab, click Access > Profiles / Policies > Per-Request Policies.

  2. Find the policy you want to edit, and in the Per-Request Policy column, click Edit.

  3. On a branch in the per-request policy, click the plus symbol to add an item.

  4. Click the Endpoint Security (Server-Side) tab, and select Client Information, then click Add Item.

  5. From the Certificate Authority field, select the certificate authority used to encrypt the information in HTTP headers.

    The Client Information check is added, and information as specified in the F5 Access Guard configuration file is collected from clients that access the virtual server to which this per-request policy is attached.

  6. Click Save.

Add client check items to subroutines, and add those subroutines to the per-request policy, to check client information.