apm aaa f5-mfa-configuration

apm aaa f5-mfa-configuration(1BIG-IP TMSH Manuaapm aaa f5-mfa-configuration(1)



NAME
       f5-mfa-configuration - defines F5 multi-factor authentication
       configuration.

MODULE
       apm aaa

SYNTAX
       Configure the f5-mfa-configuration component within the aaa module
       using the syntax shown in the following sections.

   CREATE/MODIFY
	create f5-mfa-configuration [name]
	modify f5-mfa-configuration [name]
	   options:
	    app-service [[string] | none]
	    f5-service-connector [name]
	    permitted-devices-types [add | delete | modify | replace-all-with] {
	       [mobile | totp]
	    }
	    max-mobile-devices-per-user [[integer] | none]
	    registration-sms-template [[string] | none]
	    require-biometric [[true | false] | none]

	edit f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    non-default-properties

   DISPLAY
	list f5-mfa-configuration
	list f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    app-service
	    non-default-properties
	    one-line
	    partition

   DELETE
	delete f5-mfa-configuration [name]

DESCRIPTION
       You can use the f5-mfa-configuration component to define F5 multi-
       factor authentication configuration.

EXAMPLES
       create f5-mfa-configuration MyF5MFAConfiguration { f5-service-connector
       MyF5ServiceConnector permitted-devices-types { mobile } max-mobile-
       devices-per-user 2 registration-sms-template "Hello, Please follow the
       link below to register your device for second factor authentication:
       %{session.f5_mfa.device_registration.registration_url}" require-
       biometric true }
	    Creates the f5 mfa configuration named MyF5MFAConfiguration with
	    f5-service-connector MyF5ServiceConnector, adds mobile to
	    permitted-devices-types, sets max-mobile-devices-per-user to 2,
	    sets registration-sms-template to Hello, Please follow the link
	    below to register your device for second factor authentication:
	    %{session.f5_mfa.device_registration.registration_url} and sets
	    require-biometric to true

       delete f5-mfa-configuration MyF5MFAConfiguration
	    Deletes the f5 mfa configuration named MyF5MFAConfiguration from
	    the system.

OPTIONS
       [name]
	    Specifies the name for the f5 mfa configuration. This setting is
	    required.

       f5-service-connector
	    Specifies the f5-service-connector. This setting is required.

       permitted-devices-types
	    Specifies permission of the use of mobile devices or hardware
	    tokens (TOTP) or both for multi-factor authentication. This
	    setting is required.

       max-mobile-devices-per-user
	    Specifies the number of devices that one user can register for
	    multi-factor authentication.

       registration-sms-template
	    Specifies the message to send to a user to register their mobile
	    devices.

       require-biometric
	    Set this item to true to require that the user present a physical
	    characteristic, such as a fingerprint, on the mobile device for an
	    additional authentication factor.

SEE ALSO
COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2011-2017. All rights reserved.



BIG-IP				  2017-09-19   apm aaa f5-mfa-configuration(1)