Identity provider initiated flow

Requests can be initiated to a service provider or using an Okta tenant. This diagram represent an Identify provider initiated flow.

Flow through Access Gateway initiated by IDP
Step

Description
1

User signs in to Okta.
2

Okta send user identity SAML assertion to Access Gateway.

3

Access Gateway adds required application attributes
to header and forwards request to protected web resource.
4

Protected web resource receives request, and returns response to Access Gateway
5

Access Gateway performs any required rewrites and returns response.

Related topics

Reference architectures

DNS use

High availability

About Access Gateway prerequisites