Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
15.1.0, 14.1.0
Opened: Feb 14, 2018 Severity: 4-Minor
Internal multi-domain SSO does not work when the authentication cookie scope is host.
Internal multi-domain SSO does not work.
SSO configuration is assigned to an access profile for multi-domain SSO, and one of the following: -- There is no SSO configured for the requested authentication domain. -- The request does not map to configured authentication domains.
You can use either of the following workarounds: -- Configure the application cookie scope as 'Domain'. -- Configure the SP-connector sp-location as 'External.
BIG-IP APM can be configured as a SAML IdP to provide inline SSO for SPs not directly reachable by the client. For additional configuration details, see K06743491--Overview of BIG-IP APM SAML inline SSO :: https://support.f5.com/csp/article/K06743491.