You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/manage-apps/f5-big-ip-kerberos-easy-button.md
+3-4Lines changed: 3 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -29,7 +29,7 @@ To learn about all of the benefits, see the article on [F5 BIG-IP and Azure AD i
29
29
30
30
## Scenario description
31
31
32
-
For this scenario, we have an application using **Kerberos authentication**, also known as **Integrated Windows Authentication (IWA)**, to gate access to protected content.
32
+
This scenario looks at the classic legacy application using **Kerberos authentication**, also known as **Integrated Windows Authentication (IWA)**, to gate access to protected content.
33
33
34
34
Being legacy, the application lacks modern protocols to support a direct integration with Azure AD. The application can be modernized, but it is costly, requires careful planning, and introduces risk of potential downtime. Instead, an F5 BIG-IP Application Delivery Controller (ADC) is used to bridge the gap between the legacy application and the modern ID control plane, through protocol transitioning.
35
35
@@ -98,7 +98,7 @@ There are many methods to configure BIG-IP for this scenario, including two temp
98
98
99
99
## Register Easy Button
100
100
101
-
Before a client or service can access Microsoft Graph, it must be [trusted by the Microsoft identity platform.](/azure/active-directory/develop/quickstart-register-app)
101
+
Before a client or service can access Microsoft Graph, it must be trusted by the [Microsoft identity platform.](/azure/active-directory/develop/quickstart-register-app)
102
102
103
103
The Easy Button client must also be registered in Azure AD, before it is allowed to establish a trust between each SAML SP instance of a BIG-IP published application, and Azure AD as the SAML IdP.
104
104
@@ -116,7 +116,6 @@ The Easy Button client must also be registered in Azure AD, before it is allowed
116
116
117
117
7. Navigate to **API permissions** and authorize the following Microsoft Graph permissions:
118
118
119
-
* Application.Read.All
120
119
* Application.ReadWrite.All
121
120
* Application.ReadWrite.OwnedBy
122
121
* Directory.Read.All
@@ -135,7 +134,7 @@ The Easy Button client must also be registered in Azure AD, before it is allowed
135
134
136
135
## Configure Easy Button
137
136
138
-
Initiate the **Easy Button**configuration to set up a SAML Service Provider (SP) and Azure AD as an Identity Provider (IdP) for your application.
137
+
Initiate the **Guided Configuration** to launch the **Easy Button** Template.
139
138
140
139
1. Navigate to **Access > Guided Configuration > Microsoft Integration** and select **Azure AD Application**.
0 commit comments