The HTTP error code #403 indicates an invalid session or that the credential used does not have permission to perform the requested action.
More information can be found here
In the event the URL pages with SAML SSO have also,
1. The identity provider authenticates the users through NTLM or client certificate or http access authentication.
2. Adopt "double artifact" profile when setting up SAML SSO.
Then, Foglight can monitor the URLs in question.
However, OKTA seems not to support either of the above conditions because:Unlike NTLM, client certificate and http access authentication, in this type of login (OKTA), the html form of the credential varies between different sites, there is no standard about what data to send in order to login the page. In addition, most of these pages are adopting some technique to forbid the "robots" from login.