SAML/SSO generates an infinite loop during login when you define glide.security.url.whitelist without adding the IdP URLIssue Under certain conditions, the glide.security.url.whitelist system property is used to block redirections of URLs that have not been added to the inclusion list and SAML needed redirection to login. Symptoms When you log in to your instance, you are redirected to logout_redirect.do over and over again in an infinite loop where users cannot authenticate. You will notice a blank page and the URL changing only on the SAMLRequest part.The following conditions must be met: Multi SSO Provider is installed.The glide.security.url.whitelist property is defined.Redirection uses logout_redirect.do Note: The latest SAML redirection from Istanbul patch 03 uses auth_redirect.do, which does not require glide.security.url.whitelist to be set.CauseWhen you log in to the instance, you are redirected to your SAML provider using logout_redirect.do. logout_redirect respects the system property glide.security.url.whitelist. On glide.security.url.whitelist, you add the value of the external URLs to which you want to allow redirection. The logout_redirect.do might create this loop when you define glide.security.url.whitelist without adding the IdP hostname to the property value. ResolutionSet or add to the glide.security.url.whitelist system property the Identity Provider's redirection URLs.If multiple URLs need to be added to the list, separate them with commas.Only the http[s]://hostname[:port]/ part of the URL is required.If the property is not configured, empty, or contains invalid URLs, everything is allowed. Example Type: StringDefault value: (empty)Location: Add to the System Property [sys_properties] table Note: Note you only need the beginning of the URL to match. Related LinksFor more information, see the Configure multi-provider SSO documentation topic.