Forum Discussion

f5beginner's avatar
f5beginner
Icon for Cirrostratus rankCirrostratus
Feb 20, 2020

Authentication via Azure AD blocked by Access policy

Hi,

 

Device:

Virtual Edition.

BIG-IP 14.1.0.6 Build 0.0.9 Point Release 6

 

I have published my site behind F5, and because of some security reason I want to make authentication through Azure AD.

I have configured both F5 and Azure also.

 

Authentication via Azure works, but then I receive "Access was denied by the access policy."

 

And here are details why it was blocked:

 

Log Message

/Common/SSO_AAD.app/SSO_AAD:Common:12243713: SAML Agent: /Common/SSO_AAD.app/SSO_AAD_saml_auth_ag failed to process signed assertion, error: RSA decrypt

Partition

Common

 

I checked old discussion and there were som bug, but it was very old version, so I guess it does not affect my F5.

Do you have any idea, what should be the issue ?

 

Thank you