Certificate best practices

Hello! We are running a pilot with Auth0 as an identity provider to a custom cloud application. We are currently on the free tier, thus have a .auth0.com domain. One issue we’re having is Auth0 seems to issue new certificates before the current certificate expires, requiring our team to manually add new certificates to restore access. This is specifically an issue with our server-to-server calls. My question - can anyone provide guidance on how we should resolve this? For example - if we upgrade to use a custom domain, will this provide us more control?

Yes, with a custom domain, you are responsible for updating the certificates upon expiry, which usually has a longer expiration time by the way.

Moreover, you could also update your login pages to give a personal look and feel with custom domains.

2 Likes