Identity provider initiated flow

Requests can be initiated to a service provider or using an Okta tenant. This diagram represent an Identify provider initiated flow.

Flow through Access Gateway initiated by IDP
Step

Description

1

User signs in to Okta.

2

Okta send user identity SAML assertion to Access Gateway.

3

Access Gateway adds required application attributes
to header and forwards request to protected web resource.

4

Protected web resource receives request, and returns response to Access Gateway

5

Access Gateway performs any required rewrites and returns response.

Related topics

Reference architectures

About Access Gateway DNS use

About Access Gateway high availability

About Access Gateway prerequisites