Auth0 openid with custom domain failing

Identity
, , ,
#1

Hi,

Just trying to integrate with open id connect option for a “regular web app” authentication with Auth0 using a custom domain. We are integrating using on a express based node js app.

The domain, has been verified via CNAME record using the “Auth0 managed certificate option” and passes the test on the auth0 portal. The auth flow works perfectly with auth0 subdomain, however when we switch to the custom domain as the Issuer_base_url we get the following error:

{
“error”: {
“status”: 400,
“message”: “unexpected iss value, expected https://auth..io/, got: https://.au.auth0.com/”
}
}

Any ideas on how we can fix this issue, thanks.

#2

Also should mention, the error shows up after the callback is returning the user to our portal. From the logs we can tell the user has been authenticated however the callback is not getting the expected custom domain value

#3

Hi @manish1 and welcome to the Auth0 Community! :tada: :grinning:

Can you please confirm that you’ve followed our documentation concerning additional configurations for your Custom Domain?


Please review those and let me know if you’ve already attempted following those guidelines. If you’re still having trouble, I’d ask that you DM me your tenant so I can have a closer look.

Best Regards,
Colin

1 Like
#5

Hi @colin.coutts ,
Thanks for response. Yes, have been through the guides and still no luck.
Best we can tell is that using the ‘express-openid-connect’ library the config params for auth do not allow of setting the a value of a custom domain.

Below is our middleware that is trying to instantiate auth. It works when we use the “auth0” subdomain, but fails when we try and use our verified custom domain.

router.use(
auth({
authRequired: false,
auth0Logout: true,
issuerBaseURL: process.env.ISSUER_BASE_URL,
baseURL: process.env.BASE_URL,
clientID: process.env.CLIENT_ID,
clientSecret: process.env.SECRET
})
);

Happy to DM you our tenant details, if you would like to verify the auth0 settings