Below I have used http://am.localtest.me:8080/openam for illustration but replace this with your local deployment of AM as required.
When posting to `http://am.localtest.me:8080/openam/json/users?_action=validateGoto`, AM is unable to determine whether the redirect URL is relative to the request URL so it rejects any URL that is not in the allowlist already.
- Login to AM and get the value of your iPlanetDirectoryPro cookie.
- Send the following cURL command to AM:
Create a Validation Service instance and add your AM domain to the Valid goto URL Resources list
The last value passed to getRedirectUrl is the request so that this can be used to compare the goto URL to check if it is relative. In this case a null is passed because we don't at this point have access to the request.