Not protected with session sequence flow
The not protected with session sequence describes the sequence of events which occur when a user attempts to access a non-protected web resource, in a known application, where an existing Access Gateway already session exists.
Sequence flow
Events
| Step | Description |
|---|---|
| 1 | User signs into Okta. |
| 2 | Access Gateway checks for session, uses existing session. |
| 3 | Access Gateway checks if resource is protected. |
| 4 | Access Gateway forwards required to application. Since session exists headers are provided on forward. |
| 5 | Application returns response to Access Gateway. |
| 6 | Access Gateway redirects response to User. |