When Airlock IAM has to forward the user to an application (e.g. after successful authentication, step-up, password-change, etc.) it needs to choose the right target application configuration.
It does this by going through the list of configured target application:
- The first target application that matches the forward location (URL pattern) is chosen
- If no target application matches, the default target application is chosen (regardless of its URL pattern).
Example
Consider the following (probably wrong) configuration:
- Default Target Application: "PORTAL APPLICATION" - URL Pattern: https://my.example.com/portal/.*
- Target Applications:
- "CUSTOMER PORTAL" - URL Pattern:
https://my.example.com/customer-portal/.*
- "ADMIN PORTAL" - URL Pattern:
https://my.example.com/admin.*
- "USER ADMINISTRATION" - URL Pattern:
https://my.example.com/admin-users/.*
Example forward location URL with the application being chosen:
Forward Location | Target Application | Remarks |
---|---|---|
| CUSTOMER PORTAL |
|
| ADMIN PORTAL |
|
| ADMIN PORTAL | The URL matches "ADMIN PORTAL", the "USER ADMINISTRATION" application is therefore not chosen. |
| PORTAL APPLICATION | The URL matches none of the URL patterns. Therefore, the default application is chosen. |
Note that the application "USER ADMINISTRATION" will never be chosen, because all URLs matching its pattern will first match "ADMIN PORTAL"'s pattern.