-
Title
HOW TO: Configure Allowed Redirect Domains in Secure Token Server -
Description
By default, there is no option to directly set the Allowed Redirect Domains within the Password Manager Administration site. This article outlines the steps to configure the Allowed Redirect Domains for Password Manager by using the Secure Token Server Admin portal. Configuring this option helps to further mitigate open redirects.
NOTE: If you are not using Secure Token Server in Password Manager this article does not apply.
-
Cause
Enhancement Request 502460.
-
Resolution
WORKAROUND
To configure Allowed Redirect Domains, the steps are as follows:
1. Navigate to https://<server>:<port>/RSTS/Admin/Settings/StsServer
Example: https://mypmserver.mydomain.local:20000/RSTS/Admin/Settings/StsServer
2. You will first be directed to a login page. Enter the password you set when originally configuring and setting up Secure Token Server in Password Manager.
.png "Login")
3. On the STS Server settings page, enter one or more DNS names (and ports) that are used to access Password Manager, including internal and external.
.png "Setting")
4. Scroll to the bottom of the page and click Save.
STATUS
Enhancement Request 502460 has been logged to include this setting within Password Manager and will be included in a future release.
-
Change Request
502460