Whitelist Okta Application Redirect URIS

Hello,

We’re creating an Okta application and the number of redirect URIs are in the hundreds due to different locales and environments. Is there any way to whitelist a wildcard version of these?

@kapple Hi, wildcards in the hostname can be problematic. For security consideration, you’d better to use the full URI, as it is outlined in the OAuth 2.0 Threat Model :

An authorization server should require all clients to register their
“redirect_uri”, and the “redirect_uri” should be the full URI as
defined in [RFC6749].

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.