The behavior of the redirect URIs changes in the Cloud Foundry environment of SAP Business Technology Platform. This is an incompatible change in XSUAA. You cannot use implicit wildcards anymore.
GENERAL RECOMMENDATION
We highly recommend that you avoid wildcards wherever possible.
In SAP Authorization and Trust Management, you can configure redirect URIs in the OAuth configuration of the application security descriptor file (
xs-security.json) of your applications. With this change, you can only use explicit wildcards in
redirect-uris.
NOTE
You are only affected if you are using custom domains or
redirect-uris in the OAuth configuration of your application security descriptor file (
xs.security.json).
SUPPORTED: Explicit Wildcards
Defined Redirect URI in the application security descriptor file:
http://application.cfapps.sap.hana.ondemand.com
For more information, see
SAP Help Portal: Application Security Descriptor Configuration Syntax.