apm aaa f5-mfa-configurationΒΆ

apm aaa f5-mfa-configuration(1) 		  BIG-IP TMSH Manual		      apm aaa f5-mfa-configuration(1)

NAME
       f5-mfa-configuration - defines F5 multi-factor authentication configuration.

MODULE
       apm aaa

SYNTAX
       Configure the f5-mfa-configuration component within the aaa module using the syntax shown in the following
       sections.

   CREATE/MODIFY
	create f5-mfa-configuration [name]
	modify f5-mfa-configuration [name]
	   options:
	    app-service [[string] | none]
	    f5-service-connector [name]
	    permitted-devices-types [add | delete | modify | replace-all-with] {
	       [mobile | totp]
	    }
	    max-mobile-devices-per-user [[integer] | none]
	    registration-sms-template [[string] | none]
	    require-biometric [[true | false] | none]

	edit f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    non-default-properties

   DISPLAY
	list f5-mfa-configuration
	list f5-mfa-configuration [ [ [name] | [glob] | [regex] ] ... ]
	  options:
	    all-properties
	    app-service
	    non-default-properties
	    one-line
	    partition

   DELETE
	delete f5-mfa-configuration [name]

DESCRIPTION
       You can use the f5-mfa-configuration component to define F5 multi-factor authentication configuration.

EXAMPLES
       create f5-mfa-configuration MyF5MFAConfiguration { f5-service-connector MyF5ServiceConnector permitted-
       devices-types { mobile } max-mobile-devices-per-user 2 registration-sms-template "Hello, Please follow the
       link below to register your device for second factor authentication:
       %{session.f5_mfa.device_registration.registration_url}" require-biometric true }
	    Creates the f5 mfa configuration named MyF5MFAConfiguration with f5-service-connector
	    MyF5ServiceConnector, adds mobile to permitted-devices-types, sets max-mobile-devices-per-user to 2, sets
	    registration-sms-template to Hello, Please follow the link below to register your device for second
	    factor authentication: %{session.f5_mfa.device_registration.registration_url} and sets require-biometric
	    to true

       delete f5-mfa-configuration MyF5MFAConfiguration
	    Deletes the f5 mfa configuration named MyF5MFAConfiguration from the system.

OPTIONS
       [name]
	    Specifies the name for the f5 mfa configuration. This setting is required.

       f5-service-connector
	    Specifies the f5-service-connector. This setting is required.

       permitted-devices-types
	    Specifies permission of the use of mobile devices or hardware tokens (TOTP) or both for multi-factor
	    authentication. This setting is required.

       max-mobile-devices-per-user
	    Specifies the number of devices that one user can register for multi-factor authentication.

       registration-sms-template
	    Specifies the message to send to a user to register their mobile devices.

       require-biometric
	    Set this item to true to require that the user present a physical characteristic, such as a fingerprint,
	    on the mobile device for an additional authentication factor.

SEE ALSO
COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or
       mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
       other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2011-2017. All rights reserved.

BIG-IP						      2017-09-19		      apm aaa f5-mfa-configuration(1)