Protected resource without session sequence flow
The protected resource, without session sequence represents the sequence of events which occur when a user attempts to access a protected web resource, in a known application, where no existing Access Gateway session exists.
Sequence flow
Events
| Step | Description |
|---|---|
| 1 | User signs into Okta. |
| 2 | Access Gateway checks for session. |
| 3 | Access Gateway checks if resource is protected. |
| 4 | Access Gateway makes a SAML authentication request to the users browser. |
| 5 | Okta request login. |
| 6 | User sends credentials and other MFA as required to Okta. |
| 7 | Okta returns SAML assertion to browser. |
| 8 | Browser forwards request with SAML assertion. |
| 9 | Access Gateway creates session for application. |
| 10 | Access Gateway evaluates request in the context of any associated policy |
| 11 | Access Gateway forwards request with all defined headers to application. |
| 12 | Application returns request to Access Gateway. |
| 13 | Access Gateway rewrites and returns response to User. |