For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Help CenterOpenAPI SpecStatus
OverviewInquiriesTransactionsRelaysAPI ReferenceChangelog
OverviewInquiriesTransactionsRelaysAPI ReferenceChangelog
  • Overview
    • Inquiries Overview
    • Inquiry Model Lifecycle
    • Inquiry Templates
  • Managing inquiries
    • Creating Inquiries
    • Resuming Inquiries
    • Accessing Inquiry status and data
  • Hosted Flow integration
      • Parameters
      • Prefilling Fields
      • Redirecting after Inquiry
      • Security
      • Subdomains
      • WebView Considerations
  • Embedded Flow integration
  • Mobile SDK integration
    • Overview
    • Webview
  • Troubleshooting
    • Troubleshooting Steps
    • Troubleshooting Common Issues
LogoLogo
Help CenterOpenAPI SpecStatus
On this page
  • Allowed redirect URIs
Hosted Flow integrationReference guides

Security

Allowed redirect URIs

To ensure that the redirect-uri parameter only allows open redirects to known destinations, a domain allowlist can be configured per template, or globally in the Domain Manager page within the Persona Dashboard.

Once you add one or more domains, the Inquiry flow will disallow redirects to destinations not matching those domains.

When specifying domains, only provide the domain. Do not provide a URI scheme (e.g. https://).

Was this page helpful?
Previous

Subdomains

Next
Built with