I have several IOT devices deployed around the world that currently fetch access tokens using the endpoints provided by Auth0 initially: https://tenant.us.auth0.com/oauth/token.
The access tokens are validated by an authorizer attached to an AWS API Gateway, configured with the initial Auth0 issuer value: https://tenant.us.auth0.com/
I am configuring a custom domain on my Auth0 tenant (mydomain.com) and need to update the authorizer in my AWS API Gateway to use the new issuer value: https://mydomain.com/.
The new IOT devices that I deploy after this change can be configured correctly to use the custom domain endpoint to fetch access tokens: https://mydomain.com/oauth/token. The issuer iss claim is set to my custom domain and authorization with the AWS API Gateway and its authorizer works as expected.
The issue is that my previous IOT devices are still fetching access tokens with an issuer claim set to the original Auth0 domain, which are now rejected by the AWS API Gateway’s authorizer. It is not possible to attach multiple authorizers to the same endpoint on an AWS API Gateway, and it is not possible to configure multiple issuer values.
How can I leverage Auth0 to ensure that the issuer claim is always set to my custom domain when fetching access tokens? Can Actions achieve this? Any help is appreciated.
Thank you,
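
The mismatch described in the post above can be confirmed per device by reading the iss claim out of a token and comparing it to the issuer the authorizer is configured with. This is an added example, not part of the original post; the function names, the sample tokens and the exact-string comparison are assumptions, and the decode step is for diagnosis only because it does not verify the signature.

```python
import base64
import json

# Assumption: the issuer value the API Gateway authorizer is configured with (taken from the post).
EXPECTED_ISSUER = "https://mydomain.com/"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(iss: str) -> str:
    """Build a constructed, unsigned JWT-shaped string for this demo only."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"iss": iss, "aud": "https://api.example/"}).encode())
    return f"{header}.{payload}.constructed-signature"


def unverified_issuer(token: str):
    """Return the iss claim WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    segment = parts[1]
    segment += "=" * (-len(segment) % 4)  # restore stripped base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(segment))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return None
    return claims.get("iss") if isinstance(claims, dict) else None


def issuer_check(token: str, expected: str = EXPECTED_ISSUER) -> str:
    """Classify a token the way an exact-string issuer comparison would (assumed)."""
    iss = unverified_issuer(token)
    if iss is None:
        return "malformed"
    return "match" if iss == expected else f"mismatch: {iss}"


if __name__ == "__main__":
    # Constructed tokens: one from the custom domain, one from the original tenant domain.
    for issuer in ("https://mydomain.com/", "https://tenant.us.auth0.com/"):
        print(issuer, "->", issuer_check(make_sample_token(issuer)))
```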