Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP APM
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3
Fixed In:
13.1.0, 13.0.1
Opened: Nov 18, 2016 Severity: 3-Major
OAuth Client/RS and Authorization Server don't work together on the same BIG-IP system. These two features cannot be configured on the same BIG-IP system, and have to be configured on separate BIG-IP systems. Beginning with version 13.0.0, APM supports OAuth Client and RS functionality as one feature. APM also supports AS (an F5-specific implementation) as another feature. These two features are dependent on each other in that OAuth Client/RS communicate with AS for authorization decisions.
APM OAuth Client/RS and AS cannot communicate each other when configured on the same BIG-IP system.
When APM OAuth client/RS and AS are configured on the same BIG-IP system.
Configure OAuth ClientRS on one BIG-IP system and AS on another BIG-IP system.
Now OAuth Resource Server (RS), Authorization Server (AS), and Client role can be used simultaneously in the same BIG-IP.