This rule triggers on the redirect_uri request parameter used by the OIDC Landing Page, and should be disabled.
This rule can also trigger on the redirect_uri request parameter when the URI uses localhost as the domain. Consider disabling this rule in non-production environments, for example to enable testing with a local Haventec IAM instance.
A false positive that can be caused by "/" characters in Base64 content. This rule should be disabled for both Haventec IAM and the OIDC Landing Page.
A false positive when using Haventec IAM with SAML, caused by URIs in the SigAlg parameter.
This rule can be triggered by URIs in the request body when configuring identity providers and other resources in Haventec IAM. Disable this rule if administrators access Keycloak through the WAF.
This rule can be triggered by URIs in the request body that use localhost as the domain. Consider disabling this rule in non-production environments when configuring Keycloak with local endpoints.