Need to Validate The Returnurl Supplied to /idp/initiatesso So Only Valid Domains Are Available

(Doc ID 2063229.1)

Last updated on DECEMBER 12, 2017

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


We want to make sure that the returnurl value only redirects the user to a valid domain. This functionality is available in 
Oracle Identity Federation (OIF) under setConfigProperty.

Reference is

But our environment is and I cannot find reference to equivalent functionality.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms