{"id":936,"date":"2020-11-29T20:13:18","date_gmt":"2020-11-29T12:13:18","guid":{"rendered":"https:\/\/www.insecurewire.com\/?p=936"},"modified":"2020-11-29T20:13:18","modified_gmt":"2020-11-29T12:13:18","slug":"configuring-azure-mfa-with-f5-access-policy-manager","status":"publish","type":"post","link":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/","title":{"rendered":"Configuring Azure MFA with F5 Access Policy Manager"},"content":{"rendered":"<p>In this post I will detail how to configure F5 Access Policy Manager (APM) with Microsoft Azure Multi Factor Authentication (MFA). In this scenario APM is deployed as a Single Sign on Portal (SSO), however the logic remains the same if you were using APM as a front end to any internally hostewd application. In this example F5 APM is configured with radius for the MFA functionality. That is APM will talk Radius protocol to the Radius server once a user has passed Active Directory authentication. <\/p>\n<p><strong>Prerequisites<\/strong><br \/>\n1. Make sure your Radius server setup and configured with <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-nps-extension\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft NPS extensions for Azure<\/a>. The Azure tenancy should be configured to accept Radius requests from your NPS server.<br \/>\n2. Radius clients should be configured for the F5 self ip addresses<br \/>\n3. Users from your internal AD should be synched to your tenancy and enrolled in MFA. All of this is out of scope of this post.<\/p>\n<p><strong>F5 APM Configuration<\/strong><br \/>\n1. Configure the Radius server from Access > Authentication > Radius. Set the server addresses and the secret key (they must match what is configured in the server). Set the timeout to 60 seconds. Click Update.<br \/>\n2. Now you need to either create an access policy or edit an existing one. Access > Policies \/ Profiles > Access Profiles (Create or Edit). I have one existing so I click the edit link to bring up the Visual Policy Editor.<br \/>\n3. Edit your Logon Page and make sure Split domain from full Username is set to yes. We only want to send the username value to the Radius server for MFA.<br \/>\n<a href=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/logon.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.insecurewi.re\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/logon.png\" alt=\"F5 Logon Step\" width=\"423\" height=\"152\" class=\"aligncenter size-full wp-image-940\" data-srcset=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/logon.png 423w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/logon-300x108.png 300w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/logon-100x36.png 100w\" data-sizes=\"auto, (max-width: 423px) 100vw, 423px\" \/><\/a><br \/>\n4. You need a new step after the AD Auth step to assign a new variable (+ variable assign). Call it as follows: <code>session.logon.custom.pass = mcget -secure {session.logon.last.password}<\/code><br \/>\n<a href=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/var-assign-0.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.insecurewi.re\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/var-assign-0.png\" alt=\"Variable Assign\" width=\"609\" height=\"181\" class=\"aligncenter size-full wp-image-946\" data-srcset=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/var-assign-0.png 609w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/var-assign-0-300x89.png 300w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/var-assign-0-100x30.png 100w\" data-sizes=\"auto, (max-width: 609px) 100vw, 609px\" \/><\/a><br \/>\nThis configures a fresh variable for the users password which can be assigned at the SSO Credential Mapping step. It allows users to use the push notification and the passcode methods of Azure MFA.<br \/>\n5. Add another step after the Variable Assign. Select + and Radius Auth. Call it Azure MFA. Select the AAA Server as the Radius server you created in step 1. Click Save.<br \/>\n6. Now edit the SSO Credential Mapping step and change SSO Token Password to Custom: <code>mcget -secure {session.logon.last.password}<\/code>.<br \/>\n<a href=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/sso-cred-mapping.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.insecurewi.re\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/sso-cred-mapping.png\" alt=\"SSO Credentials Mapping\" width=\"609\" height=\"152\" class=\"aligncenter size-full wp-image-947\" data-srcset=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/sso-cred-mapping.png 609w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/sso-cred-mapping-300x75.png 300w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/sso-cred-mapping-100x25.png 100w\" data-sizes=\"auto, (max-width: 609px) 100vw, 609px\" \/><\/a><br \/>\nThis maps the variable from post authentication but before Azure MFA step. If the APM SSO module is not configured in this way the users password variable would be changed to the 6 digit passcode if the users authenticated using that Azure MFA method.<br \/>\n7. If you created a new policy go over to Local Traffic > Virtual Server. Click on your VS and scroll down the Access Profile and set it to this new MFA one. This allows you to retro fit MFA to Virtual Servers with APM.<br \/>\n<a href=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/vpe.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.insecurewi.re\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/vpe.png\" alt=\"F5 VPE\" width=\"1435\" height=\"155\" class=\"aligncenter size-full wp-image-942\" data-srcset=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/vpe.png 1435w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/vpe-300x32.png 300w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/vpe-1024x111.png 1024w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/vpe-768x83.png 768w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/vpe-100x11.png 100w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/vpe-700x76.png 700w\" data-sizes=\"auto, (max-width: 1435px) 100vw, 1435px\" \/><\/a><br \/>\nI have succssfully tested this configuration using Azure MFA methods:<br \/>\n&#8211; Push Notification<br \/>\n&#8211; Passcode \/ SMS<br \/>\n&#8211; Phone Call<br \/>\nThe F5 will show a second page for the Code input if the user has this method as the default.<br \/>\n<a href=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/code-input.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.insecurewi.re\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/www.insecurewire.com\/wp-content\/uploads\/2020\/11\/code-input.png\" alt=\"OTP\" width=\"398\" height=\"293\" class=\"aligncenter size-full wp-image-944\" data-srcset=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png 398w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input-300x221.png 300w, https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input-100x74.png 100w\" data-sizes=\"auto, (max-width: 398px) 100vw, 398px\" \/><\/a><br \/>\nAs a side note the easiest way for a user to update the default Azure MFA method is to use the <a href=\"https:\/\/mysignins.microsoft.com\/\" rel=\"noopener noreferrer\" target=\"_blank\">My Sign-ins<\/a> tool.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this post I will detail how to configure F5 Access Policy Manager (APM) with Microsoft Azure Multi Factor Authentication (MFA). In this scenario APM&#8230;<\/p>\n","protected":false},"author":2,"featured_media":944,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,3],"tags":[44,54,58,68,101,129],"class_list":["post-936","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-load-balancer","tag-2fa","tag-apm","tag-azure","tag-cloud","tag-f5","tag-mfa"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Configuring Azure MFA with F5 Access Policy Manager - Insecure Wire<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Configuring Azure MFA with F5 Access Policy Manager - Insecure Wire\" \/>\n<meta property=\"og:description\" content=\"In this post I will detail how to configure F5 Access Policy Manager (APM) with Microsoft Azure Multi Factor Authentication (MFA). In this scenario APM...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\" \/>\n<meta property=\"og:site_name\" content=\"Insecure Wire\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-29T12:13:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png\" \/>\n\t<meta property=\"og:image:width\" content=\"398\" \/>\n\t<meta property=\"og:image:height\" content=\"293\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"nikonau\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/insecurewire\" \/>\n<meta name=\"twitter:site\" content=\"@insecurewire\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"nikonau\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\"},\"author\":{\"name\":\"nikonau\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d\"},\"headline\":\"Configuring Azure MFA with F5 Access Policy Manager\",\"datePublished\":\"2020-11-29T12:13:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\"},\"wordCount\":510,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.insecurewi.re\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png\",\"keywords\":[\"2FA\",\"APM\",\"Azure\",\"Cloud\",\"F5\",\"MFA\"],\"articleSection\":[\"Azure\",\"Load Balancer\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\",\"url\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\",\"name\":\"Configuring Azure MFA with F5 Access Policy Manager - Insecure Wire\",\"isPartOf\":{\"@id\":\"https:\/\/www.insecurewi.re\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png\",\"datePublished\":\"2020-11-29T12:13:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage\",\"url\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png\",\"contentUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png\",\"width\":398,\"height\":293,\"caption\":\"OTP\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.insecurewi.re\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Configuring Azure MFA with F5 Access Policy Manager\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.insecurewi.re\/#website\",\"url\":\"https:\/\/www.insecurewi.re\/\",\"name\":\"Insecure Wire\",\"description\":\"A Network Engineer\u2019s Perspective.\",\"publisher\":{\"@id\":\"https:\/\/www.insecurewi.re\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.insecurewi.re\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.insecurewi.re\/#organization\",\"name\":\"Insecure Wire\",\"url\":\"https:\/\/www.insecurewi.re\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png\",\"contentUrl\":\"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png\",\"width\":32,\"height\":32,\"caption\":\"Insecure Wire\"},\"image\":{\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/insecurewire\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d\",\"name\":\"nikonau\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.insecurewi.re\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g\",\"caption\":\"nikonau\"},\"sameAs\":[\"https:\/\/x.com\/https:\/\/twitter.com\/insecurewire\"],\"url\":\"https:\/\/www.insecurewi.re\/index.php\/author\/nikon\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Configuring Azure MFA with F5 Access Policy Manager - Insecure Wire","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/","og_locale":"en_US","og_type":"article","og_title":"Configuring Azure MFA with F5 Access Policy Manager - Insecure Wire","og_description":"In this post I will detail how to configure F5 Access Policy Manager (APM) with Microsoft Azure Multi Factor Authentication (MFA). In this scenario APM...","og_url":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/","og_site_name":"Insecure Wire","article_published_time":"2020-11-29T12:13:18+00:00","og_image":[{"width":398,"height":293,"url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png","type":"image\/png"}],"author":"nikonau","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/insecurewire","twitter_site":"@insecurewire","twitter_misc":{"Written by":"nikonau","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#article","isPartOf":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/"},"author":{"name":"nikonau","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d"},"headline":"Configuring Azure MFA with F5 Access Policy Manager","datePublished":"2020-11-29T12:13:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/"},"wordCount":510,"commentCount":0,"publisher":{"@id":"https:\/\/www.insecurewi.re\/#organization"},"image":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage"},"thumbnailUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png","keywords":["2FA","APM","Azure","Cloud","F5","MFA"],"articleSection":["Azure","Load Balancer"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/","url":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/","name":"Configuring Azure MFA with F5 Access Policy Manager - Insecure Wire","isPartOf":{"@id":"https:\/\/www.insecurewi.re\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage"},"image":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage"},"thumbnailUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png","datePublished":"2020-11-29T12:13:18+00:00","breadcrumb":{"@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#primaryimage","url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png","contentUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2020\/11\/code-input.png","width":398,"height":293,"caption":"OTP"},{"@type":"BreadcrumbList","@id":"https:\/\/www.insecurewi.re\/index.php\/2020\/11\/29\/configuring-azure-mfa-with-f5-access-policy-manager\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.insecurewi.re\/"},{"@type":"ListItem","position":2,"name":"Configuring Azure MFA with F5 Access Policy Manager"}]},{"@type":"WebSite","@id":"https:\/\/www.insecurewi.re\/#website","url":"https:\/\/www.insecurewi.re\/","name":"Insecure Wire","description":"A Network Engineer\u2019s Perspective.","publisher":{"@id":"https:\/\/www.insecurewi.re\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.insecurewi.re\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.insecurewi.re\/#organization","name":"Insecure Wire","url":"https:\/\/www.insecurewi.re\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/","url":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png","contentUrl":"https:\/\/www.insecurewi.re\/wp-content\/uploads\/2023\/10\/cloud.png","width":32,"height":32,"caption":"Insecure Wire"},"image":{"@id":"https:\/\/www.insecurewi.re\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/insecurewire"]},{"@type":"Person","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/8ba08b41fc754b971a948ead6ccb777d","name":"nikonau","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.insecurewi.re\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2d1b9d9dc90da4f6d3da31b870f418c6b3553ba9be48d53e8ee3a35b0adb1d35?s=96&d=mm&r=g","caption":"nikonau"},"sameAs":["https:\/\/x.com\/https:\/\/twitter.com\/insecurewire"],"url":"https:\/\/www.insecurewi.re\/index.php\/author\/nikon\/"}]}},"_links":{"self":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts\/936","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/comments?post=936"}],"version-history":[{"count":0,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/posts\/936\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/media\/944"}],"wp:attachment":[{"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/media?parent=936"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/categories?post=936"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.insecurewi.re\/index.php\/wp-json\/wp\/v2\/tags?post=936"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}