I have set up a custom domain and it’s working well for user-facing pages. I also use the default API identifier to access the Management API from my server, as per this answer: API access using the custom domain - #3 by rueben.tiow
The problem is that the Management API only allows me to use the default API Identifier domain which looks like: https://MY_DOMAIN.REGION.auth0.com
and then therefore returns a password-update url with that domain.
This isn’t just a cosmetic problem, having different domains where users log in and where they change their password means that password managers don’t work correctly.
I’m looking for a solution that lets me generate password change urls using my custom domain.
I really don’t want to host the password change myself and then update the user via the Management API, but that’s my backup plan if I can’t get this more secure method working.
I’m using the auth0 node.js library, so the request looks like: auth0.tickets.changePassword({ user_id: userId });