A whitelisted redirect URL feature provides a safe and secure way to ensure that users are redirected to the desired location after SSO authentication. It helps prevent attackers from redirecting users to malicious websites.
Imagine a scenario where an attacker tries to change the redirect URL in the SSO link. The user clicks on the link and is redirected to the attacker's website, which is designed to look like the intended website. There is a possibility that the attacker's website contains malware, phishing scams, or other malicious content. By whitelisting the redirect URL, you can prevent this from happening. Only pre-approved URLs will be allowed, so when users successfully authenticate through SSO, they will always be redirected to a safe and secure location.
You can find this setting in the Sign In Settings tab -> Advanced Settings ->Whitelist Redirect URL. You can add multiple Redirect URLs by using a semicolon(;) in the configuration, as shown in the screenshot below. Then click on the Save Settings button.