Update the domain in a legacy SSO callback URL in the IDP environment
If your IDP authenticator for Aurora Endpoint Defense was created before June 2026, you might be using an SSO callback URL with a legacy domain for authentication. To ensure continuity for upcoming changes to the URL in June 2026, you need to add a separate callback URL in your IDP environment. The new callback URL uses an updated domain but with the same hash as the existing URL.
In your IDP environment, you need to update the callback URL in the authenticator app settings if you are using a legacy SSO callback URL in one of these formats:
https://login.eid.blackberry.com/_/resume/saml20/<hash>tohttps://idp.cs.cylance.com/_/resume/saml20/<hash>(where <hash> is the hash value)https://idp.blackberry.com/_/resumetohttps://idp.cs.cylance.com/_/resume(no hash value)
For instructions on updating the callback URL in specific IDP environments, see one of these:
- Entra: Update the current SSO callback URL in the SAML app configuration
- Okta: Update the current SSO callback URL in the OIDC app configuration
- Okta: Update the current SSO callback URL in the SAML app configuration
- OneLogin: Update the current SSO callback URL in the OIDC app configuration
- OneLogin: Update the current SSO callback URL in the SAML app configuration
- PingOne: Update the current SSO callback URL in the OIDC app configuration
- PingOne: Update the current SSO callback URL in the SAML app configuration