Is it safe to have localhost in Sign-out redirect URIs?

I am developing a reactjs app which uses Okta and have just added “sign out” functionality. In order to enable CORS I had to add my http://localhost:4000 url to the “Sign-out redirect URIs” section in my Okta app → general settings. Just wondering if this it ok from a security point of view?

Yes, it’s OK and encouraged for developing/testing locally.


This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.