diff --git a/server/utils/next_url.test.ts b/server/utils/next_url.test.ts
index 56f4b074..c90e2cd7 100644
--- a/server/utils/next_url.test.ts
+++ b/server/utils/next_url.test.ts
@@ -104,6 +104,11 @@ describe('test validateNextUrl', () => {
 expect(validateNextUrl(url, '')).toEqual(undefined);
 });

+ test('allow basePath', () => {
+ const url = '/osd';
+ expect(validateNextUrl(url, '/osd')).toEqual(undefined);
+ });
+
 test('allow dashboard url', () => {
 const url =
 '/_plugin/opensearch-dashboards/app/opensearch-dashboards#dashbard/dashboard-id?_g=(param=a&p=b)';
diff --git a/server/utils/next_url.ts b/server/utils/next_url.ts
index 9cc47adb..596aefd0 100644
--- a/server/utils/next_url.ts
+++ b/server/utils/next_url.ts
@@ -73,7 +73,7 @@ export function validateNextUrl(
 }
 const pathMinusBase = path.replace(bp, '');
 if (
- !pathMinusBase.startsWith('/') ||
+ (pathMinusBase && !pathMinusBase.startsWith('/')) ||
 (pathMinusBase.length >= 2 && !/^\/[a-zA-Z_][\/a-zA-Z0-9-_]+$/.test(pathMinusBase))
 ) {
 return INVALID_NEXT_URL_PARAMETER_MESSAGE;
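Review bot: The added 'allow basePath' test pins only the accepted case, so nothing in this hunk guards the boundary that the relaxed condition in server/utils/next_url.ts moves. A companion rejection test belongs next to it, for a path that only shares the base-path prefix, e.g. `expect(validateNextUrl('/osdfoo', '/osd')).toEqual(INVALID_NEXT_URL_PARAMETER_MESSAGE);` (constructed input; this assumes the constant is importable in the test file, which the hunk does not show). A second case with an empty base path and an input whose path part is empty would record whether that is meant to be accepted after this change.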
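Review bot: The added `pathMinusBase &&` guard exempts every empty remainder from validation, not only the "URL equals the base path" case the new test covers, because the second clause already skips strings shorter than two characters. Which inputs can arrive here with an empty remainder depends on how `path` and `bp` are derived above the hunk, which is not visible. The neighbouring test does call the function with an empty base path, so an input with no path part may now be accepted where it was rejected before. I would make the intent explicit with `(pathMinusBase !== '' && !pathMinusBase.startsWith('/')) ||` and a comment such as `// empty remainder: next URL is exactly the base path`. Note also that `path.replace(bp, '')` removes the first occurrence rather than a prefix, so it is only safe if an earlier guard outside the hunk has already checked `path.startsWith(bp)`.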