Skip to content
  • There are no suggestions because the search field is empty.

How to Whitelist FMG Invitation URLs

This guide helps IT administrators configure email security settings to ensure FMG invitation and password reset emails work correctly for users. 

FMG sends invitation and password reset emails containing one-time-use dynamic URLs that grant access to users. These links may be blocked or broken by URL defender security policies, email link scanners, or advanced threat protection services.

To ensure successful delivery and functionality of these critical emails, IT administrators should whitelist FMG's sending infrastructure and configure security policies to allow these dynamic links.

What Are URL Defenders?

URL defenders (also called link protection or Safe Links) are security features that:

  • Scan and rewrite URLs in emails to check for malicious content

  • May break one-time-use dynamic URLs by pre-scanning them 

Common URL Defender Vendors:

  • Microsoft Defender for Office 365 (Safe Links)

  • Mimecast URL Protection

  • Proofpoint URL Defense

  • Barracuda Email Security Gateway

  • Cisco Email Security (IronPort)

  • Fortinet FortiMail

Configuring URL Protection Bypass

FMG uses two different URL formats for invitation emails. These URL patterns and sending domains should be whitelisted in your URL defense products to ensure safe delivery. 

  • Subscriber Invite Link Pattern:

    • https://email.email00.fmgsuite.com/c/{unique-guid}

  • Compliance and Publisher User Invite Link Pattern:

    • https://secure.fmgsuite.com/invitation/{unique-guid}

💡It is also best practice to whitelist FMG’s sending IP addresses to help ensure email deliverability. See this article for more details. 

Verification Steps

After implementing whitelist configuration:

  1. Request a test invitation or password reset email from FMG

  2. Check that the email arrives in the user's inbox (not spam/quarantine)

  3. Click the dynamic URL link in the email

  4. Verify the link directs to the Create a Password Screen, without errors

  5. Confirm the one-time-use link is not pre-consumed by security scanning

Troubleshooting Common Issues

Issue

Solution

Invite emails not arriving in inbox

Verify IP addresses are whitelisted in spam filter and firewall rules.

Links redirect to login page immediately

One-time URL was consumed by a security scan. Disable URL rewriting for FMG and add FMG domain to URL bypass policy 

If you continue experiencing issues after implementing these changes, contact FMG Support for additional assistance with domain and URL patterns specific to your configuration.