We are trying to implement custom Auth0 custom domains and running into an issue where users can’t access a protected route after authenticating through the custom domain. Our logic basically follows example 4 in this document.
Looking at our backend token verification logs, we’re getting this error:
InvalidTokenError: Unexpected 'iss' value
Is there something we need to do to ensure the iss claim is correct using custom domains?