Description of an Example Diagram of Protecting Access to an Application with App Gateway

This diagram shows an example of an HTTP request to the web application through App Gateway.

The drawing contains icons representing the user browser, App Gateway, Oracle Identity Cloud Service, and the web application. The user browser makes a HTTP request to the https://myappgateway.example.com:4443/myapp/private/home URL. App Gateway intercepts the request, contacts Oracle Identity Cloud Service, and then verifies the following information configured in Oracle Identity Cloud Service for My Enterprise Application:

Host Identifier: myappgateway.example.com/4443
Resource: /myapp/private/.*
Authentication Policy: Form or Access Token

Supposing the user has already signed in to Oracle Identity Cloud Service, HTTP header variables and a cookie are added to the request before App Gateway forwards the request to the application. Such header variables are remote_user, idcs_user_assertion, idcs_remote_user, and idcs_user_display_name. The cookie name is ORA_OCIS_CG_SESSION_<tenant_name>_<appgatewaydomain>.

App Gateway forwards the request containing the header variables and cookie to the application in the URL https://myapp.internal.example.com:3266/myapp/private/home.