Users redirected to /not_allowed.do with a message "Security constraints prevent access to requested page"
From Jakarta, security checks are in place to avoid redirecting to external sites. If SSO is not correctly configured, there are cases when the users are not redirected to the Identity provider but to the /not_allowed.do page.
When login by Single Sing-on (SSO), the system checks the redirected URL is part of the defined Identity provider, or IdP records on the instance. If a matching URL is not found, the instance redirects to /not_allowed.do.
Please ensure the defined IdP contains the redirection URL as part of the IdP records.
To disable the validation, which is not recommended, administrators can create or define the sys_property the following property: