How To Prevent URL Redirection to an Unwanted OAM Logout Landing Page

(Doc ID 1603720.1)

Last updated on FEBRUARY 22, 2018

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


OAM has a feature using a query string "end_url" to redirect a browser to a landing page after logging out.  

However a URL can be append either manually or programmatically to the end_url parameter and the browser will be redirected there.

For example where is a valid OAM protected site, the browser will instead be redirected to


The OAM server performs the server side logout operations and redirects the browser to the URL specified in the "end_url" query parameter whether logged in or out.  

This is not a desired behavior.  

The goal would be to only allow URLs expected and approved.





Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms