In reference to the wildcard URI change made in v51.0
Our IDP (F5 APM) does not support having a wildcard in the redirect URI. They are referring to this IETF article as justification for not allowing the wildcard.
Is there any workaround possible other then adding the wildcard into the URI?
Per support from our IDP provider (F5 APM, https://www.f5.com/) the method used that requires the wildcard entry on the redirect URI violates RFC and is a security risk.
RFC6749 section 3.1.2.2 is what the wildcard is in violation of
RFC6749 section 4.1.1 describes a ‘state’ parameter that should be used instead.
Is there any workaround provided from SearchGuard for this?