F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

In this Article we will go through a deployment approach where F5 BIG-IP Access Policy Manager (APM) front an application as Service Provider (SP) whether on cloud or on-premises,  while AzureAD acts as Identity Provider (IDP) to provide identity services, Conditional Access and other services.
In our case, there's an additional point we are using Kerberos for Single Sign-On (SSO). Such deployment can be observed in corporates moving to cloud and keeping internal Active Directory or other authentication mechanisms internal, so BIG-IP APM will be able to authenticate users with AzureAD and apply SSO at backend.

Configurations summary

  • Register Application at AzureAD.
  • Get the SSO elements from AzureAD.
  • Configure BIG-IP APM SP with the right parametes.
  • Configure BIG-IP APM Kerberos SSO.


Configurations details


Related contents


Published Jul 17, 2023
Version 1.0

Was this article helpful?

No CommentsBe the first to comment