Whitelist logout redirects

Released on 13 April

redirect_to URLs used in the logout endpoint or using the JS SDK logout method must now be whitelisted under the new parameter Allowed logout callback URLs in SSO ReachFive Console setting.

URLs that are not explicitly whitelisted will now be blocked.

timeline

This announcement was made on the 24 February.
We expect to release these changes into production on approximately the 13 April.