What happens to a user when they attempt to access an internal web application via Browser Access?

When a user attempts to access an internal web application via Browser Access, the user is redirected to the appropriate Identity Provider (IDP) for authentication. This process is crucial because it ensures that the user is properly authenticated before being granted access to internal resources. The redirection to the IDP allows for the enforcement of security policies and user verification through various means, such as Single Sign-On (SSO), multi-factor authentication, or federated identity management.

This approach enhances security by centralizing authentication in a robust and often customizable method, allowing organizations to manage user access more effectively. After successful authentication with the IDP, the user can access the web application seamlessly without needing to enter credentials repeatedly.

In contrast, other options suggest different scenarios that do not align with the standard functioning of Browser Access. Blocking access would prevent the user from reaching the application, which negates the purpose of providing access through the Zscaler platform. Automatic login is not typically the case unless certain conditions are configured within the organization’s authentication policies. Lastly, prompting for traditional username and password does not represent the modern approaches encouraged by systems utilizing IDPs, such as those employing SSO capabilities.