The PingAccess agent protocol starts with the client, such as a web browser, OAuth clientOAuth clientThe application in an OAuth framework that requests access to resources. If the request is approved by the authorization server, the client is issued an access token for the resources., or any type of HTTP client, making a request for an application resource. The agent sits in front of the resource and intercepts the request. To determine what to do with it, the agent forwards a portion of the request to PingAccess. The response from PingAccess instructs the agent whether to allow the original request, as well as any additional actions to take prior to handing it off to the application. It also includes instructions for actions to perform before sending the corresponding response.

Flowchart of the PingAccess agent protocol, showing interactions between client, agent, and PingAccess according to the following steps.

Processing steps

  1. The client makes a request to the agent system.
  2. The agent requests guidance from PingAccess.
  3. PingAccess sends a response to the agent.
  4. The client request is modified according to any instructions sent by PingAccess.
  5. Finally, the client receives a response to their initial request.