apm aaa f5-mfa-configuration
apm aaa f5-mfa-configuration(1BIG-IP TMSH Manuaapm aaa f5-mfa-configuration(1)
NAME
f5-mfa-configuration - defines F5 multi-factor authentication
configuration.
MODULE
apm aaa
SYNTAX
Configure the f5-mfa-configuration component within the aaa module
using the syntax shown in the following sections.
CREATE/MODIFY
create f5-mfa-configuration [name]
modify f5-mfa-configuration [name]
options:
app-service [[string] | none]
f5-service-connector [name]
permitted-devices-types [add | delete | modify | replace-all-with] {
[mobile | totp]
}
max-mobile-devices-per-user [[integer] | none]
registration-sms-template [[string] | none]
require-biometric [[true | false] | none]
edit f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list f5-mfa-configuration
list f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete f5-mfa-configuration [name]
DESCRIPTION
You can use the f5-mfa-configuration component to define F5 multi-
factor authentication configuration.
EXAMPLES
create f5-mfa-configuration MyF5MFAConfiguration { f5-service-connector
MyF5ServiceConnector permitted-devices-types { mobile } max-mobile-
devices-per-user 2 registration-sms-template "Hello, Please follow the
link below to register your device for second factor authentication:
%{session.f5_mfa.device_registration.registration_url}" require-
biometric true }
Creates the f5 mfa configuration named MyF5MFAConfiguration with
f5-service-connector MyF5ServiceConnector, adds mobile to
permitted-devices-types, sets max-mobile-devices-per-user to 2,
sets registration-sms-template to Hello, Please follow the link
below to register your device for second factor authentication:
%{session.f5_mfa.device_registration.registration_url} and sets
require-biometric to true
delete f5-mfa-configuration MyF5MFAConfiguration
Deletes the f5 mfa configuration named MyF5MFAConfiguration from
the system.
OPTIONS
[name]
Specifies the name for the f5 mfa configuration. This setting is
required.
f5-service-connector
Specifies the f5-service-connector. This setting is required.
permitted-devices-types
Specifies permission of the use of mobile devices or hardware
tokens (TOTP) or both for multi-factor authentication. This
setting is required.
max-mobile-devices-per-user
Specifies the number of devices that one user can register for
multi-factor authentication.
registration-sms-template
Specifies the message to send to a user to register their mobile
devices.
require-biometric
Set this item to true to require that the user present a physical
characteristic, such as a fingerprint, on the mobile device for an
additional authentication factor.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2017. All rights reserved.
BIG-IP 2017-09-19 apm aaa f5-mfa-configuration(1)