Not protected no session sequence flow
The not protected resource, with no session sequence is common with Customer Identity Access Management (CIAM) applications. This sequence represents a request for a non-protected, or public, resource where no existing Access Gateway session exists.
|1||User signs into Okta.|
|2||Access Gateway checks for session, no session exists.|
|3||Access Gateway checks if resource is protected.|
|4||Access Gateway forwards required to application.
Note that since there is no session no headers can be provided on forward.
|5||Application returns response to Access Gateway.|
|6||Access Gateway redirects response to User.|