How to Configure an OAuth 2.0 Server in F5 Big-IP

Any App that wants to use F5’s Big-IP Access Policy Manager Single Sign-On (SSO) solution, must first be registered in OAuth server in F5 Big-IP. This registration process involves giving F5’s OAuth server details about your App, such as the URL, where it’s located, the URL to send replies to after a user is authenticated, the URI that identifies the app, and other things.

This Knowledge Base article covers the steps to configure an OAuth server in F5 BIG-IP.

Prerequisites for App Registrations in Big-IP Federate and F5 Access Policy Manager SSO

In order to register Apps in F5 Big-IP you’ll need:

  • F5 Big-IP credentials

Configure an OAuth Server in F5 BIG-IP

For the authentication to succeed a scope, a Resource server and an OAuth Profile should be configured on the Big-IP.

Configuring an Oauth Scope

  1. Log in to F5 BIG-IP
  2. On the expand Access from the menu
  3. Select Federation –> OAuth Authorization Server –> Scope –> ‘+’

  1. Fill in the Scope details and select Update

 

Configuring a Resource Server

  1. Select Federation –> OAuth Authorization Server –> Resource Server –>+’

  1. Type in a Name
  2. Select the Authentication Type
  3. Click Update

Configuring a Client Application

  1. From the Access menu Select Federation –> OAuth Authorization Server –> Client Application –> ‘+’

  1. Type in a Name
  2. Under Security Settings, check Authorization Code / Hybrid and Implicit
  3. Add a Redirect URI(s) (when the redirect URI is reached the authentication has ended)
  4. Check Support OpenID Connect if you want to use open ID connect
  5. Select the Authentication Type
  6. Add the scope you created
  7. Select Update
  8. Select the Client Application you created and take note of the Client ID. It will be used in the fusion step on the Appdome platform

Configuring an OAuth Profile

From the Access menu Select Federation –> OAuth Authorization Server –> OAuth Profile –> ‘+’

  1. Move the Client Application you created to the selected column
  2. Move the Resource Server you created to the selected column

Note the Authorization Endpoint and Token Issuance Endpoint as they will be used in the app Building step on the Appdome platform.

That’s it! You have successfully configured the OAuth server in F5 Big-IP.

Now you can head over to the Appdome Platform and easily enhance F5’s Access Policy Manager SSO to your apps.

How Do I Learn More?

To make sure your app is properly Built with F5 APM SSO, check out this article on Adding F5 APM SSO to your app or request a demo at any time.

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project.
If you don’t already have an account, you can sign up for free.

Liron Dror

Have a question?

Ask an expert

DafnaMaking your security project a success!