To protect target applications and services the Airlock Gateway (WAF) decides based on its policy whether an HTTP request has sufficient access rights or not. If not, the request is typically sent in one or another way to Airlock IAM for authentication, step-up or alike.
In order to do its job, Airlock IAM must associate the HTTP request with a target application (configuration).
In most cases, the target application is selected on the URL of the original request, but the details depend on the Loginapp page type and the authentication flow type.
Please refer to the following pages for further information:
- Interaction models for authentication
- Target application selection in the Loginapp REST UI:
- Target application selection in the JSP-Loginapp: Target application selection in the JSP-Loginapp