F5 APM with Azure AD

F5 BIG-IP® Access Policy Manager® (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications. With a single management interface, it converges and consolidates remote, mobile, network, virtual desktops, and web access. BIG-IP APM enables the creation and enforcement of simple, easy-to-manage, intelligent access policies.

This Knowledge Base article provides step-by-step instructions for using Appdome to Support F5’s APM with Azure AD to any Android and iOS mobile app. Using Appdome to add Support for F5’s APM with Azure AD, the mobile app will rely on and trust AzureAD and include the in-app mechanisms to securely store, use, retrieve and update the authentication credentials passed from F5 and Azure AD to the mobile app.

We hope you find this knowledge base useful and enjoy using Appdome!

Adding support for F5’s APM with Azure AD to Mobile Apps Without Coding

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily integrate F5’s APM Azure AD SSO to any mobile app – instantly, no code or coding required.

Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement. Likewise, there are no required infrastructure changes and no dependency on SAML, OAuth, OpenID Connect or any other authentication standard inside the app. Users merely upload mobile apps, select the F5 APM service and click “Build My App.” The Appdome technology adds support for F5’s APM with Azure AD SSO and relevant standards, frameworks and more to the app automatically, with no manual development work at all.

Using Appdome, mobile apps will use Microsoft Azure AD SSO to authenticate users over F5’s APM as if it was natively coded to the app. Appdome for F5’s APM Azure AD SSO is compatible with mobile apps built in any development environment including Native Android and iOS apps, hybrid apps and non-native apps built in Xamarin, Cordova, and React Native, Ionic and more. This streamlines implementations, cuts development work, and ensures a guaranteed and consistent integration of F5’s APM with Azure AD SSO to any mobile app.

The following diagram illustrates the Single-Sign-On flow within the app when accessing a web application through F5’s Application Policy Manager:

  1. The application sends a request to reach a Virtual Server protected by F5’s Policy Manager.
  2. The F5 APM responds with a 30X response since the request is not authorized.
  3. Appdome identifies the response for the protected resource and opens an internal Webview within the Fused App
  4. The internal Webview is opened on the Virtual Server URL and redirects to an Azure login page
  5. The user can now authenticate his user. During the authorization session access cookies are received and stored
  6. Appdome identifies the successful authentication and closes the internal Webview, thus returning the view to the original app
  7. Once the app tries to reach the protected resource, Appdome will attach the authorization session cookies to the outgoing request required to pass the APM, and the app will reach the protected resource successfully

Prerequisites for using Appdome for F5’s APM with Azure AD

In order to use Appdome’s no code implementation of Microsoft Azure AD SSO on Appdome, you’ll need:

  • Appdome account IDEAL or higher
  • Mobile App (.ipa for iOS, or .apk or .aab for Android)
  • Azure Active Directory.
  • F5 BIG-IP with an APM license.
  • Azure AD Access policy set up on F5 APM
  • Signing Credentials (e.g., signing certificates and provisioning profile)

Follow this F5 knowledge base on how to set up an access policy with Azure.

How to Add Support for F5’s APM with Azure AD to Any Mobile App on Appdome

Follow these step-by-step instructions to add Support for F5’s APM with Azure AD to Any Mobile App:

Upload a Mobile App to Your Account

Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

From the “Build” tab, Add Support for F5’s APM with Azure AD

Select the Build TabNote: a blue underline will appear showing the step is active
Beneath the Build Tab, you will find several service options. Select AccessNote: a blue highlight will appear showing the category is active. 

  1. Click on the toggle to enable Mobile Access and MicroVPN
  2. Under the Access Profile, open the Scheme drop-down list, select F5 Access Policy Manager
  3. Add the Virtual Server URL. this is the URL representing your F5’s virtual server.
  4. Click Build My App

The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add Support for F5’s APM with Azur AD to the mobile app in seconds. For example, Managing the cookies needed by F5 for authentication, work that ordinarily a developer would need to do.

Congratulations! You now have a mobile app fully integrated with F5’s APM.

After Adding Support for F5’s APM with Azure AD to a Mobile App on Appdome

After you have added F5’s APM with Azure AD to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.

Add Context™ to the Appdome-Built App

Appdome is a full-featured mobile integration platform. Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.

Sign the F5’s APM enabled Appdome-Built App (Required)

In order to deploy an Appdome-built app, it must be signed. Signing iOS apps and Signing Android apps are easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.

Deploy the Appdome-Built App to a Mobile Device

Once you have signed your Appdome-Built app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome-Built apps, please read this knowledge base.

That is it – Enjoy Appdome for F5’s APM with Azure AD in your app!

How Do I Learn More?

Check out Appdome for SSO+ blog or request a demo at any time.

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Kai Kenan

Have a question?

Ask an expert

TomMaking your security project a success!