Protected resource without session sequence flow
The protected resource, without session sequence represents the sequence of events which occur when a user attempts to access a protected web resource, in a known application, where no existing Access Gateway session exists.
|User signs into Okta.
|Access Gateway checks for session.
|Access Gateway checks if resource is protected.
|Access Gateway makes a SAML authentication request to the users browser.
|Okta request login.
|User sends credentials and other MFA as required to Okta.
|Okta returns SAML assertion to browser.
|Browser forwards request with SAML assertion.
|Access Gateway creates session for application.
|Access Gateway evaluates request in the context of any associated policy
|Access Gateway forwards request with all defined headers to application.
|Application returns request to Access Gateway.
|Access Gateway rewrites and returns response to User.