apm aaa f5-mfa-configurationΒΆ

apm aaa f5-mfa-configuration(1) 			BIG-IP TMSH Manual			   apm aaa f5-mfa-configuration(1)

NAME
       f5-mfa-configuration - defines F5 multi-factor authentication configuration.

MODULE
       apm aaa

SYNTAX
       Configure the f5-mfa-configuration component within the aaa module using the syntax shown in the following sections.

   CREATE/MODIFY
	create f5-mfa-configuration [name]
	modify f5-mfa-configuration [name]
	   options:
	    app-service [[string] | none]
	    f5-service-connector [name]
	    permitted-devices-types [add | delete | modify | replace-all-with] {
	       [mobile | totp]
	    }
	    max-mobile-devices-per-user [[integer] | none]
	    registration-sms-template [[string] | none]
	    require-biometric [[true | false] | none]

	edit f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    non-default-properties

   DISPLAY
	list f5-mfa-configuration
	list f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    app-service
	    non-default-properties
	    one-line
	    partition

   DELETE
	delete f5-mfa-configuration [name]

DESCRIPTION
       You can use the f5-mfa-configuration component to define F5 multi-factor authentication configuration.

EXAMPLES
       create f5-mfa-configuration MyF5MFAConfiguration { f5-service-connector MyF5ServiceConnector permitted-devices-types {
       mobile } max-mobile-devices-per-user 2 registration-sms-template "Hello, Please follow the link below to register your
       device for second factor authentication: %{session.f5_mfa.device_registration.registration_url}" require-biometric true }
	    Creates the f5 mfa configuration named MyF5MFAConfiguration with f5-service-connector MyF5ServiceConnector, adds
	    mobile to permitted-devices-types, sets max-mobile-devices-per-user to 2, sets registration-sms-template to Hello,
	    Please follow the link below to register your device for second factor authentication:
	    %{session.f5_mfa.device_registration.registration_url} and sets require-biometric to true

       delete f5-mfa-configuration MyF5MFAConfiguration
	    Deletes the f5 mfa configuration named MyF5MFAConfiguration from the system.

OPTIONS
       [name]
	    Specifies the name for the f5 mfa configuration. This setting is required.

       f5-service-connector
	    Specifies the f5-service-connector. This setting is required.

       permitted-devices-types
	    Specifies permission of the use of mobile devices or hardware tokens (TOTP) or both for multi-factor authentication.
	    This setting is required.

       max-mobile-devices-per-user
	    Specifies the number of devices that one user can register for multi-factor authentication.

       registration-sms-template
	    Specifies the message to send to a user to register their mobile devices.

       require-biometric
	    Set this item to true to require that the user present a physical characteristic, such as a fingerprint, on the mobile
	    device for an additional authentication factor.

SEE ALSO
COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
       photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
       use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2011-2017. All rights reserved.

BIG-IP							    2017-09-19				   apm aaa f5-mfa-configuration(1)