Domain Security
As part of added authentication security, any Application created can define the originating app domain URL.
For instance, if your app is app.acme.com, you will need to add this domain under the Application setting in your Pathfix OAuth application.
If this URL is not defined, any user trying to authenticate will fail the verification process and see the following "Unauthorized Domain" message:
To add your application domain info:
- Under your Application name, click on Edit
- In the Application Domain section, add all your originating domain URLs
In our constant endeavour to enhance security, Pathfix needs to validate where the authentication request is originating from. Any auth or API requests coming through, will check and validate if the originating app matches with what you have defined during the setup of your application.
Only if both, the Domain specified and the domain requesting the authentication match, will the authentication proceed. If this fails, the authentication will be terminated and your users will see this error.
We recommend adding all your dev environmentsin your originating domain section. You can add up to 5 originating domains against an application, separated by a comma. This will allow you to test and push your application to live without facing any downtime.
