Allowed forward locations (security settings)

In order to mitigate phishing attacks, the Loginapp must know all possibly allowed URLs, any user may be forwarded to.

Thus, when integrating new applications, make sure it's forward location URLs are listed in the login application's security settings:


If a forward location does not match one of the pattern in this list, it is ignored and the default target application is used instead.

In this case, the following log line will be written (login application log):