Manual Chapter : Creating a virtual server for SAML Auth with Azure and MFA

Applies To:

  • BIG-IP APM

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9

back-action Seamless SSO: Azure with SAML and MFA

Updated Date: 04/30/2026

Creating a virtual server for SAML Auth with Azure and MFA

Determine the IP address you want to use to create the virtual server. This should be the same address as your application. For example, app.example.com.

Create a virtual server and attach the allow-all access policy and the per-request policy that confgures SAML Auth with Azure and MFA.

  1. On the Main tab, click Local Traffic > Virtual Servers.

    The Virtual Server List screen opens.

  2. Click Create.

    The New Virtual Server screen opens.

  3. In the Name field, type a unique name for the virtual server.

  4. In the Destination Address field, type the IP address you want to use for the virtual server.

    This address should correspond to the address specified for your application in Microsoft Azure.

  5. In the service port field, type the service port, or select the service from the list.

    For example, HTTPS.

  6. From HTTP Profile (Client) select an HTTP profile (typically, http).

  7. In the Access Policy area, from Access Profile, select the allow-all access policy you created.

  8. From Per-Request Policy, select the per-request policy you created for SAML Auth with Azure and MFA.

  9. Click Finished.

You have completed configuration for SAML Auth with Azure and MFA.