To protect target applications and services, the Airlock Gateway decides, based on its policy, whether an HTTP request has sufficient access rights or not. If not, the request is typically sent in one way or another to Airlock IAM for authentication, step-up or similar.
Airlock IAM must associate the HTTP request with a target application (configuration) to do its job.
In most cases, the target application is selected on the URL of the original request, but the details depend on the Loginapp page type and the authentication flow type.