3.6.1 Configuring a Global Whitelist of Target URL

  1. Click Devices > Identity Servers > Edit > Identity Providers.

  2. Under Redirection White List, click New.

  3. Specify Domain.

    You can specify a domain name with an asterisk wildcard character (*) that represents the entire DNS subtree. For example, specifying *.digitalairlines.com as a domain allows redirection to all child domains under digitalairlines.com, including digitalairlines.com itself. The WWW prefix is not required. You can specify the * wildcard only at the lowest level of the subtree.

    For example:

    Valid domain name: *.digitalairlines.com

    Invalid domain name: innerweb.*.com

    You must configure at least one domain to prevent open redirection.

    Liberty: The target parameter is filtered. If the requested target is not in the white list, the Identity Server does not log in.

    WS-Fed: The wreply parameter is filtered. If the requested wreply is not in the white list, the Identity Server does not log in. However, if wreply is the same as the provider's single logout or single sign-on URL domain, the request is accepted.

    SAML 2.0: For idpsend, the target parameter is filtered using this list. This list is not applicable for spsend.
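
The wildcard rule from step 3, written out as an added Python example (not Access Manager's own code), useful for testing which target or wreply values a planned white list would accept. The function names, the http/https restriction and the rejection of backslashes and control characters are assumptions of this example; the WS-Fed exception for the provider's own URLs is not modelled.

```python
from urllib.parse import urlsplit

# Constructed sample list, using the domain from the documentation's example.
WHITELIST = ["*.digitalairlines.com"]

def is_valid_entry(entry: str) -> bool:
    """Accept '*' only as the whole leftmost label (e.g. *.example.com)."""
    labels = entry.strip().lower().split(".")
    if labels[0] == "*":
        labels = labels[1:]
    # Every remaining label must be non-empty and free of wildcards.
    return bool(labels) and all(l and "*" not in l for l in labels)

def host_allowed(host: str, whitelist: list[str]) -> bool:
    host = host.lower().rstrip(".")
    for entry in whitelist:
        if not is_valid_entry(entry):
            continue  # never match against a malformed entry
        entry = entry.strip().lower()
        if entry.startswith("*."):
            base = entry[2:]
            # Match the base domain itself or any name ending in ".base".
            # The leading dot keeps "evildigitalairlines.com" from matching.
            if host == base or host.endswith("." + base):
                return True
        elif host == entry:
            return True
    return False

def target_allowed(target: str, whitelist: list[str]) -> bool:
    """Decide on the parsed host, not on a substring of the raw URL."""
    # Assumption: reject characters that URL parsers interpret differently.
    if any(c == "\\" or ord(c) < 0x21 for c in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    # Assumption: only absolute http(s) targets are acceptable.
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    return host_allowed(parts.hostname, whitelist)
```

Comparing the parsed host name on a label boundary is what separates a child domain from a look-alike such as evildigitalairlines.com or digitalairlines.com.evil.example.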