Manual Chapter : Creating the per-request policy for Okta with OAuth and RADIUS MFA

Applies To:

  • BIG-IP APM

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9

back-action Seamless OAuth with Okta and RADIUS MFA

Updated Date: 04/30/2026

Creating the per-request policy for Okta with OAuth and RADIUS MFA

You should have created applications on your Okta AD system for main authentication and MFA. On the BIG-IP system, you should have configured External Identity Providers and local Service Providers for both main authentication and MFA.

In this task, you configure the access policy that creates the traffic and event flow for the BIG-IP system as a Service Provider and Azure AD as the Identitity Provider, using SAML Authentication and MFA for separate per-request policy branches.

  1. On the Main tab, click Access > Profiles / Policies > Per-Request Policies.

  2. Click Create.

  3. Specify a Name.

  4. Leave Policy Type set to All.

  5. For most cases, leave Incomplete Action set to Deny.

  6. For the Customization Type, use the default value Modern.

  7. Add one or more Accepted Languages.

  8. Click Finished.