Complete the following steps to import PingIntelligence policy in F5:
  1. Login to your F5 UI and navigate to Local Traffic > iRules > LX Workspaces.

    In the Workspaces tab, click on import.

  2. A Workspace import page is displayed. Enter the Name and choose the PingIntelligence policy that you downloaded from Ping Identity download site. Click on Import.

  3. Clicking on Import creates an LX Workspace
  4. Open the Workspace by clicking on it. The policy is pre-loaded with extension named oi_ext. Edit the ASE configuration by clicking on ASEConfig.js file. It opens the PingIntelligence policy in the editor:

The following table describes the ASE variables:
Variable Description
ase_primary IP address of primary ASE node
ase_primary_port Port number of primary ASE node
ase_secondary IP address of secondary ASE node
ase_secondary_port Port number of secondary ASE node
is_ase_ssl Set to true if traffic to ASE is sent over HTTPS
ase_token The ASE sideband authentication token that was generated as part of prerequisites
use_ca Set to true if ASE is using a CA-signed certificate
include_paths Provide the list of paths that the policy should process. If / is provided as path, then all the traffic is monitored. The maximum number of subpaths in path is 3. For example, /a/b/c/.
enable_auth Set to true if traffic contains access token in authorization header or querystring.
is_access_token_in_header Set to true if access token is present in authorization header.
access_token_variable If the access token is present in querystring, then specify the key used for token.
authorization_header_prefix If the access token is present in authorization header, then specify the prefix used for access token.
user_key_mapping The location of username in JSON payload of JWT access token.
clientid_key_mapping The location of client ID in JSON payload of JWT access token