Not protected no session sequence flow
The not protected resource, with no session sequence is common with Customer Identity Access Management (CIAM) applications. This sequence represents a request for a non-protected, or public, resource where no existing Access Gateway session exists.
Sequence flow
Events
| Step | Description |
|---|---|
| 1 | User signs into Okta. |
| 2 | Access Gateway checks for session, no session exists. |
| 3 | Access Gateway checks if resource is protected. |
| 4 | Access Gateway forwards required to application. Note that since there is no session no headers can be provided on forward. |
| 5 | Application returns response to Access Gateway. |
| 6 | Access Gateway redirects response to User. |