Limit hosts allowed in ReturnURL for password self-service

You can use the ReturnUrl parameter in a link to the self password reset page to specify the URL that will be opened when a user completes or cancels resetting the password. For example:

http://adaxes.domain.com/Adaxes/SelfService/#/SelfPasswordReset?ReturnUrl=http:%2F%2Fmywebsite.com

By default, any host is allowed in the ReturnUrl parameter. To limit the allowed hosts:

  1. Open Adaxes Web interface configurator.

     How
    • On the computer, where Adaxes Web interface configurator is installed, open Windows Start menu.

    • Type Adaxes Web interface configurator.

    • Press Enter.

  2. In the top left corner, select the Web interface you want to customize.

  3. In the left navigation menu, click Advanced.

    If the left navigation menu is not displayed, click the icon in the top left corner.

  4. In the Advanced section, select Hosts allowed in ReturnURL for Password Self-Service in the drop-down list.

  5. Specify a comma-separated list of allowed hosts.

    If you limit the hosts and the ReturnUrl parameter contains a host that is not allowed, the Sign In page of Adaxes Web interface will be opened when a user completes or cancels resetting the password.

  6. Save the changes.

    To apply the changes to other Web interfaces, click the down arrow button next to the parameter value and then click Apply to other Web interfaces.