@@ -172,7 +172,7 @@ These configuration keys are used globally across all features.
172172
173173.. py :data :: SECURITY_REDIRECT_BEHAVIOR
174174
175- Passwordless login, confirmation, reset password, unified signin, change_email, and OAuth signin
175+ Passwordless login, confirmation, reset password, unified signin, change_email, and Social Login
176176 have GET endpoints that validate the passed token and redirect to an action form.
177177 For Single-Page-Applications style UIs which need to control their own internal URL routing these redirects
178178 need to not contain forms, but contain relevant information as query parameters.
@@ -225,7 +225,7 @@ These configuration keys are used globally across all features.
225225.. py :data :: SECURITY_REDIRECT_BASE_DOMAIN
226226
227227 Set the base domain for checking allowable redirects. The intent here is to
228- allow an application to be server on e.g. "flaskapp.my.org" and redirect
228+ allow an application to be served on e.g. "flaskapp.my.org" and redirect
229229 to "myservice.my.org" (which maybe isn't a Flask app). Flask's SERVER_NAME
230230 can't be used to verify redirects in this case. Note that in most cases
231231 the application will want to set Flask's SESSION_COOKIE_DOMAIN to be this base domain -
@@ -422,6 +422,7 @@ These configuration keys are used globally across all features.
422422 - :py:data: `SECURITY_WAN_DELETE_URL `
423423 - :py:data: `SECURITY_MULTI_FACTOR_RECOVERY_CODES `
424424 - :py:data: `SECURITY_CHANGE_EMAIL_URL `
425+ - :py:data: `SECURITY_CHANGE_USERNAME_URL `
425426
426427 This can also be used to protect application endpoints with the :meth: `flask_security.auth_required ` decorator.
427428
0 commit comments