Akamai

Overview of the SSO flow

The following description covers the typical sign-on process when using the Akamai Account Protector Integration Kit.

  1. A user initiates the sign-on process by requesting access to a protected resource.

  2. The Akamai Account Protector IdP Adapter collects and parses the Akamai Account Protector header from the incoming request.

    The default request header the adapter looks for is Akamai-User-Risk. To change this value, configure the Akamai Account Protector Header Name advanced field as described in Akamai Account Protector IdP Adapter settings reference.

  3. Based on the threshold values you configure in the adapter instance, the adapter evaluates the request and determines a risk level.

    You can then use the resulting risk level and corresponding score to drive authentication policy decisions. Learn more in Using risk score in the PingFederate authentication policy.

  4. If you select the Save Akamai Header checkbox in the adapter configuration, the adapter exposes individually retrieved values as core contract attributes, making them available to use within PingFederate authentication policies.