APM SAML without f5 login page
Hi, I am preparing to test SAML auth on APM and all of the documentation that I have been able to find seems to require that I use an IdP connector on the f5 side and this doesn't seem necessary to me based on what I understand my requirements to be.
We have a number of sites on SAML today and they seem to be simply loaded with the pub cert from the IdP in order to trust the assertion without the need to directly communicate with the IdP.
I am looking for a login flow just like the above that will simply redirect the unauthed user when accessing the f5 VS to the IdP for 2FA and then accept the signed assertion when the user is redirected to the VS. I don't want any sort of auth page presented by f5, if possible.
Once functional, I believe I would need to explore options to getting the assertion info to be consumed by the back end web servers.
Is there any documentation that describes configuration of this sort of login flow? Thank you.