Redirect URL Whitelist
Redirect URL Whitelist functionality defines a list of URLs to which user is allowed to be redirected. In case at least one URL pattern is defined in the Onegini IDP admin console and it matches with the URL provided within the incoming request the user will be redirected.
Redirect URL should be provided in the request by the origin
query param, example:http://dev.onegini.me:8181/personal/dashboard?origin=http://originurl.nl
.
User will be redirected to the origin (in this case http://originurl.nl
) when going to /personal/return-to-origin
endpoint
(http://dev.onegini.me:8181/personal/return-to-origin
) and in case of log out.
Redirect URL should match at least one whitelist entry pattern. If origin URL is not defined as a request parameter, then the user will be redirected to the
default origin URL, if one is defined in the admin panel.
When NOT in SAML flow the redirect URL will be used to determine where to redirect after the user has been logged in to the application, by providing return_url
parameter in the request, example:
http://dev.onegini.me:8181/token?token=QWERTYUSDFGHXCVBN&return_url=http://originurl.nl
.
The return url should match with at least one whitelist entry pattern defined in the Onegini IDP's admin console. If this parameter is not specified in request or not
matching whitelist entry it will be ignored and the user will be redirected to default destination.