Merge remote-tracking branch 'origin/master'

modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties

@@ -454,3 +454,6 @@ org.owasp.csrfguard.unprotected.JsApi=%servletContext%/portal/apis/analytics/*
 org.owasp.csrfguard.unprotected.Servlet=%servletContext%/analytics-api/*
 org.owasp.csrfguard.unprotected.ml=%servletContext%/api/login*
 org.owasp.csrfguard.unprotected.passivests=%servletContext%/acs/*
+org.owasp.csrfguard.unprotected.deviceMgtSSOAcs=%servletContext%/devicemgt/uuf/sso/acs
+org.owasp.csrfguard.unprotected.deviceMgtAcs=%servletContext%/uuf/sso/acs
+org.owasp.csrfguard.unprotected.deviceMgtApi=%servletContext%/devicemgt/api/invoker/execute/*

modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties

@@ -462,11 +462,14 @@ org.owasp.csrfguard.unprotected.storeRestApi=%servletContext%/api/appm/store/*
 org.owasp.csrfguard.unprotected.certificateMgtRestApi=%servletContext%/api/certificate-mgt/*
 org.owasp.csrfguard.unprotected.deviceMgtRestApi=%servletContext%/api/device-mgt/*
 org.owasp.csrfguard.unprotected.dcrRestApi=%servletContext%/dynamic-client-web/*
-
+org.owasp.csrfguard.unprotected.deviceMgtSSOAcs=%servletContext%/devicemgt/uuf/sso/acs
+org.owasp.csrfguard.unprotected.deviceMgtAcs=%servletContext%/uuf/sso/acs
+org.owasp.csrfguard.unprotected.deviceMgtApi=%servletContext%/devicemgt/api/invoker/execute/*
+ 
 #carbon
 org.owasp.csrfguard.unprotected.Services=%servletContext%/services/*
 
 #identity
 org.owasp.csrfguard.unprotected.acs=%servletContext%/acs/*
 org.owasp.csrfguard.unprotected.iwa=%servletContext%/iwa/*
-org.owasp.csrfguard.unprotected.oauthiwa=%servletContext%/commonauth/iwa/*
+org.owasp.csrfguard.unprotected.oauthiwa=%servletContext%/commonauth/iwa/*