Allowed redirect hosts
Enforcing an allowed redirect URL list for dynamic redirects
Please be aware that from September 01, 2021 all Link configurations with dynamic redirects will require a list of allowed redirect URLs to be configured in order to continue to function.
Overview
Once your customers have successfully completed authorisation of the connection to their data source via Link, you can redirect them to the locations of your choice.
The URL Whitelist option allows you to use a custom query parameter to dynamically change the redirect URL, including its host, when initiating the authorisation flow. When your customer starts the linking flow, Codat verifies if the host of the URL is listed as allowable host.
Configuration
The Authorisation Complete Redirection Url is a URL your customers are sent to when they've authorized their connection via Link. In Codat, you can decide if you want to:
- Redirect to a static website (static host)
- Redirect with custom query parameters (dynamic host).
Redirect | Configuration |
|---|---|
Static host | Provide one URL in Authorisation Complete Redirection Url. |
Dynamic host | To build dynamically:
|
If the redirect evaluates to a host that has not been placed on this list, your customer will not |
Note: The URLs must be valid URLs, which means they must have https:// or http:// added before them.
Example configuration:
If you set the redirect to https://{dynamichost}/example and set the dynamic host to dynamichost=codat.io the redirect will be evaluated to https://codat.io/example.
Reserved parameters
Do not use reserved parameters in your redirect hosts.
Updated 3 months ago