Perform these steps to apply your RADIUS, SSO Agent, Relying Party or Authentication Agent configuration to F5BIG-IP APMStep-up Authentication.
In this use-case F5 does the primary authentication, i.e. AD Password, then calls RSA SecurID access for additional authentication known as Step-Up authentication. The additional authentication can be done via SAML to cloud IdP (Relying Party) or via Radius.
Note:It is assumed that there is an Access Profile (in this example it is named abtest-access-profile) and a Virtual Server (named as abtest_vs) already created and configured such that it can successfully perform AD authentication to grant access to a protected resource. The following steps gives instructions on how to modify the access profile to use RSA SecurID Access to grant access to the same protected resource. More detailed instructions on how to create and modify access policies and mapping access policies to virtual servers can be found in F5BIG-IP APM's documentation. The Access Policy before modification is as shown below: