Can I change the return_to parameter in the URL when using SSO with JWT?

Return to top
Have more questions? Submit a request


  • Chris

    We've used SSO for years without problem. Unfortunately in the last few days, AWS updated the WAF rules (that we use for all incoming requests) to be more strict for XSS. The initial SSO call (with the 'return_to' as a query parameter) from zendesk to our site, is now blocked by the firewall as a potential XSS attack (because 'return_to' contains encoded string 'https://')

    How do we customize 'return_to' in the initial call from zendesk ? (again, in the initial call, not in the JWT response). I couldn't find the answer in the article referenced above.


Please sign in to leave a comment.

Powered by Zendesk