--- title: Importing and configuring the PingIntelligence policy description: To deploy the PingIntelligence policy, first import and configure the policy. component: pingintelligence version: 5.2 page_id: pingintelligence:pingintelligence_integrations:pingintelligence_f5_big_ip_import_policy canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/pingintelligence_integrations/pingintelligence_f5_big_ip_import_policy.html revdate: April 3, 2024 section_ids: about-this-task: About this task steps: Steps result: Result: result-2: Result: result-3: Result: --- # Importing and configuring the PingIntelligence policy To deploy the PingIntelligence policy, first import and configure the policy. ## About this task The PingIntelligence policy is specific to an ASE cluster. If you have more than one ASE cluster, then add the policy to a new workspace and create a new plugin. When you import the PingIntelligence policy, it is imported to an LX workspace and opens in a Node.js editor. To import the PingIntelligence policy in F5: ## Steps 1. Sign on to F5 and navigate to **Local Traffic → iRules → LX Workspaces**. ![A screen capture of the LX Workspaces page in F5.](../_images/zqg1580996042846.png) 2. In the **Workspaces** tab, click **import**. ![A screenshot of the LX Workspaces page with the Import button highlighted with a yellow square.](../_images/pwt1582877946056.png) ### Result: A Workspace import page is displayed. 3. Enter the **Name** and choose the PingIntelligence policy that you downloaded in [Preparing to deploy the PingIntelligence policy](pingintelligence_f5_big_ip_prepare.html). 4. Click **Import**. ![A screenshot of the New Workspace page with the Name field highlighted with a yellow square.](../_images/qcw1582878033650.png) ### Result: Clicking on **Import** creates an LX Workspace. 5. Click the Workspace. The policy is pre-loaded with the extension `oi_ext`. 6. Edit the ASE configuration by clicking the **ASEConfig.js** file. ![A screen capture of the ASEConfig.js file open in the policy editor.](../_images/hsf1583225109423.png) The following table describes the ASE variables: \+ | Variable | Description | | ----------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `ase_primary` | IP address of primary ASE node | | `ase_primary_port` | Port number of primary ASE node | | `ase_secondary` | IP address of secondary ASE node | | `ase_secondary_port` | Port number of secondary ASE node | | `is_ase_ssl` | Set to `true` if traffic to ASE is sent over HTTPS | | `ase_token` | The ASE sideband authentication token that was generated as part of prerequisites | | `use_ca` | Set to `true` if ASE is using a CA-signed certificate | | `include_paths` | Provide the list of paths that the policy should process. If `/` is provided as path, then all the traffic is monitored. The maximum number of subpaths in path is 3. For example, `/a/b/c/`. | | `enable_auth` | Set to `true` if traffic contains access token in `authorization` header or `querystring`. | | `is_access_token_in_header` | Set to `true` if access token is present in `authorization` header. | | `access_token_variable` | If the access token is present in `querystring`, then specify the key used for token. | | `authorization_header_prefix` | If the access token is present in `authorization` header, then specify the prefix used for access token. | | `user_key_mapping` | The location of `username` in JSON payload of JWT access token. | | `clientid_key_mapping` | The location of client ID in JSON payload of JWT access token | \+ ### Result: \+ The PingIntelligence policy opens in the editor.