Manual Chapter : Creating an allow-all per-session policy

Applies To:

  • BIG-IP APM

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9

back-action Seamless SSO: Azure with SAML and MFA

Updated Date: 04/30/2026

Creating an allow-all per-session policy

You create an allow-all per-session policy to provide an in and out point for your per-request policies on a virtual server.

Note: It is not required that the per-session policy that provides the in and out point for your per-request policy be empty. You can use an existing policy, or create one with per-session access policy items specifically for this purpose. However, an allow-all policy is the simplest per-session policy that will work.

  1. On the Main tab, click Access > Profiles / Policies.

    The Access Profiles (Per-Session Policies) screen opens.

  2. Click Create.

    The New Profile screen opens.

  3. In the Name field, type a unique name for the access profile.

  4. For the Profile Type, select All.

  5. For Profile Scope, specify the appropriate scope for this policy, or use the default Profile.

  6. For the Customization Type, use the default value Modern.

  7. In the Language Settings section, move one or more languages to the Accepted Languages list.

  8. Click Finished.

    The Access Profiles (Per-Session Policies) screen is displayed.

  9. In the Per-Session Policies column, click the Edit… link.

  10. Change the Deny ending to Allow.

  11. Save and Apply the access policy.

You now have a per-session access policy that allows all traffic, which can then be processed by the per-request access policy.

Create a virtual server for the HTTP Connector policy.