Reverse Proxy requests with OKTA

We have a reverse proxy setup for one of our applications. The front facing app is an asp.net application and it renders a screen from WebSphere back-end servers. IIS’s extensions ARR 2.0 and URL Rewrite are used to implement a reverse proxy to the WebSphere servers.

Earlier ASP.NET Forms Authentication was used on the front facing app and there were no issues but after integrating the front facing application with OKTA, the pages rendered through reverse proxy are failing with java socket timeout exception.

The web application URL and Reply URL for front facing app are configured on OKTA with the front facing app URL , so when IIS processes the back-end url with multi path context root following the front facing app URL, how does OKTA handles the http request. Does OKTA come into picture in first place when IIS forwards the https request to the backend server ?

Thanks,
Ravi

I couldn’t provide the URLs in quesion because I’m a new user, here you go.

Following are the URLs as it is seen by the browser:

front facing app URL - https://myhost.company.com/ABC/
The backend app url - https://myhost.company.com/ABC/XYZ/PQR/

The url rewrite module recognizes /XYZ/PQR/ and forwards the request to back-end server.

Anyone setup application like this ?