Create the application in Access Gateway

During this task we will create the web socket header application, which will host WebSocket policy.

Create the application in Access Gateway

  1. Sign in to the Access Gateway Admin UI console.

  2. Click the Applications tab.

  3. Click +Add to add a new application.

  4. Select the Header Based option from the application menu, and click Create.

    Select header based and click create.

    The New Protected Application wizard will start and display the Essentials pane for the application being added.

  5. In the Essentials pane, specify the following:

    Field Value
    Label A name for the application. For example header-websocket application.
    Public Domain A fully qualified host name. In this example www.mywebsocketapp.com.
    Protected Web Resource The URL of the protected resources.
    In this example: backend.websocket.com.
    Group Enter the group containing the users who should have access to the application.
    Description Optional. An appropriate description for your application.

Configure load balancing

Available since Access Gateway version 2022.2.3

Okta recommends that whenever possible load balancers and Access Gateway as a load balancer be implemented.
See About Access Gateway load balancing.

  1. Expand the Protected Web Resources tab.
  2. In Protected Web Resource tab enable load balancing.
    The Protected Web Resource showing load balancing enabled for this web resource.
    The Protected Web Resource tab will then expand to include a table of hostnames and weights representing the target load balancing instances, initially empty.
  3. Select a URL scheme. All added protected web resources will inherit this scheme. HTTP and HTTPS schemes are supported.
  4. [Optional] Enable and specify Host Header value.
  5. Repeat as required:
    1. Click Add protected web resource.
      A new empty row will be added to the table.
    2. Enter a fully qualified hostname:port combination.
      For example https://backendserver1.atko.com:7001.
    3. Enter a weight between 1 and 100. Enter 0 to specify a disabled host.

      Weights represent the percentage of requests that will be routed to this host.
      For example, two hosts of weights 2:1 would result in requests being routed ~66% to the host weighted 2 and ~33% to the host weighted 1.

    4. Click Okay to add the new host, or Cancel to cancel.
      Click edit () to modify an existing host.
      Click delete() to delete an existing host.

  6. Optional Configure health checks:
    Health checks are optional and use GET operations to confirm back and resources are functional.
    Resources deemed unhealthy are not routed new requests.

    1. Enable health checks.
      The health check slider shown in the enabled position.
    2. Click Edit to modify health check settings.
    3. Modify settings as required.
      FieldValue

      Default

      PathURI to resource used in health check./
      MethodHTTP method used.Always GET
      Status codeHTTP status code used to determine health.200
      IntervalInterval between health checks in seconds.10
      Request timeoutHealth check request timeout in seconds.1
      Healthy thresholdNumber of successful requests before a host is considered healthy.3
      Unhealthy thresholdNumber of failed requests before a host is considered unhealthy.3
    4. Click Save to save changes.
      Click Cancel to cancel changes.

Next steps

Assign Certificate