Merge pull request #1811 from mdoro-13/warn_about_potential_mistake_i…

…n_whitelist-domain Warn not to include URL instead of domain and port
oauth2-proxy · Oct 23, 2022 · cfcba1a · cfcba1a
2 parents d9a33df + 51d3d55
commit cfcba1a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/docs/features/endpoints.md b/docs/docs/features/endpoints.md
@@ -33,7 +33,7 @@ X-Auth-Request-Redirect: https://my-oidc-provider/sign_out_page
 
 (The "sign_out_page" should be the [`end_session_endpoint`](https://openid.net/specs/openid-connect-session-1_0.html#rfc.section.2.1) from [the metadata](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig) if your OIDC provider supports Session Management and Discovery.)
 
-BEWARE that the domain you want to redirect to (`my-oidc-provider.example.com` in the example) must be added to the [`--whitelist-domain`](../configuration/overview) configuration option otherwise the redirect will be ignored.
+BEWARE that the domain you want to redirect to (`my-oidc-provider.example.com` in the example) must be added to the [`--whitelist-domain`](../configuration/overview) configuration option otherwise the redirect will be ignored. Make sure to include the actual domain and port (if needed) and not the URL (e.g "localhost:8081" instead of "http://localhost:8081").
 
 ### Auth