Redirection, which is required by many applications and services, inherently brings in a security risk. Redirects are dangerous because unsuspecting users who are visiting trusted sites can be redirected to malicious sites that exploit the users' trust. A new featured, called whitelist, has been added that restricts target URLs to specific domains.
You can restrict target URLs to URLs which match the domains in the whitelist.
Any target URLs that use a domain that is not in the list are blocked and the user receives the following error message:
The request to provide authentication to a service provider has failed (outsidedomain.com-89F57BF823DFE551).
Click Devices > Identity Servers > Edit > [Liberty, SAML1.1, or SAML 2.0] > [Service Provider] > Intersite Transfer Service.
In Domain List, click New.
Specify the domain name, then click OK.
The domain name must be a full domain name, such as www.example.com. Wildcard domain names, such as www.example.*.com, do not work.
To edit an existing domain name, click the name, modify the name, then click OK.
To delete an existing domain name, select the domain, click Delete.
Click OK.
Update Identity Server.