Follow the steps below to create a Virtual Service and configure the ESP Options:

  1. In the main menu of the LoadMaster WUI, navigate to Virtual Services > Add New.

  2. Enter a valid IP address in the Virtual Address text box.
  3. Fill out the other fields as needed.
  4. Click Add this Virtual Service.

  5. Expand the ESP Options section.
  6. Tick the Enable ESP check box.
  7. Select OIDC/OAUTH as the Client Authentication Mode.
  8. Select the OIDC/OAUTH SSO domain, which was previously configured, from the SSO Domain drop-down list.

  9. Set an Additional Authentication Header, if relevant.
    Note:
    When validating the token from the Identity Provider (IdP), the LoadMaster checks the claims (attributes) in the following sequence:
    • preferred_username
    • UPN
    • unique_name
    • email

    For example, if the preferred_username is not available then the UPN is used. If the UPN is also not available, then unique_name or email is used for token validation.

  10. Fill out any other fields, as needed.
  11. Add any Real Servers, as needed.
Note: When using the OIDC/OAUTH Client Authentication Mode, the only available Server Authentication Modes are None and KCD.
Note: If the Logoff String is configured but the Logoff URL field in the Manage SSO options is left blank, using the Logoff String closes the user's session on the LoadMaster but does not log them out of their session with the Identity Provider. If a Logoff URL is provided, any request that matches the Logoff String ends the session on the LoadMaster and triggers a logout of the session with the Identity Provider.
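
To see which claim from the sequence in the note under step 9 would identify a user, you can inspect an ID token issued by your IdP. The following Python script is an added example, not LoadMaster code: it decodes a token payload without verifying the signature and applies the claim order listed on this page. The function names are hypothetical, the sample tokens are constructed, and two behaviours are assumptions: claim names are matched exactly as printed above, and blank or non-string claims are skipped.

```python
import base64
import json

# Claim order as listed in the note under step 9 of this page.
CLAIM_ORDER = ("preferred_username", "UPN", "unique_name", "email")


def decode_payload(token):
    """Return the claims of a compact JWT WITHOUT verifying its signature.

    Inspection aid only: never use this output to make an access decision.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    segment = parts[1]
    segment += "=" * (-len(segment) % 4)  # restore stripped base64url padding
    claims = json.loads(base64.urlsafe_b64decode(segment))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def resolve_identity(claims):
    """Return (claim_name, value) for the first usable claim, or None.

    Assumption: a claim that is missing, non-string or blank is skipped.
    """
    for name in CLAIM_ORDER:
        value = claims.get(name)
        if isinstance(value, str) and value.strip():
            return name, value
    return None


def make_sample_token(claims):
    """Build an unsigned, constructed token for the demonstration."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join((b64({"alg": "none"}), b64(claims), "sig"))


if __name__ == "__main__":
    samples = [  # constructed payloads, not real IdP output
        {"sub": "1", "preferred_username": "alice@example.com", "email": "a@example.com"},
        {"sub": "2", "unique_name": "EXAMPLE\\bob", "email": "bob@example.com"},
        {"sub": "3"},  # none of the four claims present
    ]
    for claims in samples:
        print(claims["sub"], resolve_identity(decode_payload(make_sample_token(claims))))
```

A result of None means the token carries none of the four claims, which is worth correcting in the IdP's claim configuration before enabling ESP on the Virtual Service.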

For an explanation of all of the WUI fields, refer to the Web User Interface (WUI) Configuration Guide.