Loading
Feature degradation | Gmail Email delivery failureRead More
Set Up and Maintain Your Salesforce Organization
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Specify Trusted URLs for Redirections

            You are here:

            1. Salesforce Help
            2. Docs
            3. Set Up and Maintain Your Salesforce Organization

            Specify Trusted URLs for Redirections

            Help your users access ‌external and cross-org URLs via redirections. Add your trusted URLs to the Trusted URLs for Redirects allowlist. Redirections from Salesforce to URLs in that allowlist are always allowed without a warning.

            Required Editions

            Available in: all editions
            User Permissions Needed
            To set up trusted URLs for redirects: Customize Application AND Modify All Data

            Determine Valid External URLs for Redirections

            To understand where and when this allowlist is used, see External Redirection Restrictions in Salesforce.

            To determine the URLs to trust, consider the sites that your users access to perform their daily work. For example, your company website, trusted partners, and tools hosted on the internet. Also identify cross-org URLs to allow.

            To identify blocked redirections from components and pages that were built in Salesforce Classic, use the Trusted URL and Browser Policy Violations list in Setup. See Manage Trusted URL and Browser Policy Violations.

            To get details about blocked redirections, use the Blocked Redirect event type object. The blocked redirect event is free for all customers with a 24-hour data retention period. The event is available in the API but not in the Event Monitoring Analytics app. To collect details for blocked redirections over multiple days, schedule a daily query of the Blocked Redirect event type via REST API.See Blocked Redirect Event Type in Object Reference for the Salesforce Platform.

            Warning
            Warning To protect your users, we strongly discourage adding top-level Salesforce domains, such as *.salesforce.com, *.force.com or *.file.force.com, to the Trusted URLs for Redirects allowlist.

            Update the Trusted URLs for Redirects Allowlist

            Redirections from Salesforce to URLs in this allowlist are always allowed without a warning.

            1. In Setup, find and select Trusted URLs for Redirects.
            2. Click New URL.
            3. Enter the URL, and save your changes.
              These formats are accepted: example.com, *.example.com, and https://example.com.

              The host section of the URL can include an asterisk (*) as a wildcard. Otherwise, the URL cannot be malformed. Examples of malformed URLs that fail a syntax check are malformed^url.example.com, and https://{subdomain}.example.com.

            See Also

             
            Loading
            Salesforce Help | Article