Manual Chapter : Completing the per-request policy for Okta OAuth with RADIUS MFA

Applies To:

  • BIG-IP APM

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9

back-action Seamless OAuth with Okta and RADIUS MFA

Updated Date: 04/30/2026

Completing the per-request policy for Okta OAuth with RADIUS MFA

Complete the previous tasks, including creating a per-request policy, adding a URL Branching item, and creating subroutines for Oauth authentication and MFA.

This step completes the per-request policy to provide Okta OAuth athentication with RADIUS MFA. Add OAuth subroutines to both admin and non-admin branches, and the MFA subroutine to the successful admin branch. Then add a pool to each successful branch.

  1. In the main per-request policy, on the admin branch, click the plus symbol.

  2. Click the Subroutines tab, select the OAuth auth subroutine you created, and click Add Item.

  3. On the successful branch after the OAuth subroutine, click the plus symbol.

  4. Click the Subroutines tab, select the RADIUS MFA subroutine you created, and click Add Item.

  5. In the main per-request policy, on the non-admin branch, click the plus symbol.

  6. Click the Subroutines tab, select the OAuth auth subroutine you created, and click Add Item.

  7. Add a pool to each success branch.

  8. Configure an Allow ending for each success branch.

The per-request policy is now complete.

Assign an allow-all access policy and this per-request policy to a virtual server.