SAML/SSO generates an infinite loop during login when you define without adding the IdP URL 

Under certain conditions, the system property is used to block redirections of URL that have not been white-listed and SAML needed a redirection to login.


When you log in to your instance, you are redirected to over and over again in an infinite loop where users cannot authenticate. You will notice a whitepage and the URL changing only on the SAMLRequest part.

The following conditions must be met:
  • Multi SSO Provider is installed.
  • The property is defined.
  • Redirection uses
 Note: The latest SAML redirection from Istanbul patch 03 uses, which does not require to be set.



When you log in to the instance, you are redirected to your SAML provider using

logout_redirect respects the system property

On, you add the value of the external URLs to which you want to allow redirection.

The might create this loop when you define without adding the IdP host name to the property value.


  • Set or add to the system property the Identity Provider's redirection URLs.
  • If multiple URLs need to be added to the list, separate them with commas.
  • Only the http[s]://hostname[:port]/ part of the URL is required.
  • If the property is not configured, empty, or contains invalid URLs, everything is allowed.


Type: String
Default value: (empty)
Location: Add to the System Property [sys_properties] table

 Note: Note you only need the beginning of the URL to match.

For more information, see the Configure multi-provider SSO documentation topic.


Article Information

Last Updated:2019-08-02 21:23:28