We recently got a custom domain, that matches that of our application - we are using nginx to route requests to auth0 or our application, depending on the call.
However, since we configured the custom domain, we fail to log in succesfully - we get an error on the callback (the 2nd one that includes the code, which is Failed Exchange:Failed to verify code verifier. It does occasionally succeed, but even then, there are problems with the token.
Note that when we are running locally, where the AUTH0_BASE_URL is set to localhost, it works fine. This leads us to suspect that something that should be routed to our application, is being sent to auth0 by accident, but not sure what.
Is there anything we can investigate? Is it even possible to use the same domain/subdomain for our app and the auth0 custom domain, or do we need to use different subdomains?
It seems like the custom domain is working, judging from your statement, the error happens during the redirection to the callback URL, specifically with the “Failed Exchange: Failed to verify code verified” error message.
Yes, I’d already seen the topic around Failed to verify code verifier
To be honest, I think the problem is nginx has to decide what should be routed to auth0 and what to our application, and there is no clear guidance on this, so some things are routed to the wrong place.
In any case, we just realised we can only have one custom domain per tenant, apparently, which is a blocker for us.
Thanks for your help and feel free to close the issue