Auth0 Home Blog Docs

Implicit grant custom domain: identitity provider login returns auth0 domain iss



I am in the process of switching to a custom domain for our SPA with implicit grant authorization method, using auth0-js v9.7.2. Authentication on auth0 domain works fine with username/password as well as identity providers. However when using the custom domain it seems that the token issuer value differs when attempting to login via an identity provider, so username/password still works, but via identity provider I get the following error:

{error: “invalid_token”, errorDescription: “Issuer is not valid.”}

Explicitly setting the token issuer by adding __token_issuer: ‘’ as an option resolves the issue for authentication via identity provider, but then introduces a similar error for username/password authentication stating:

{error: “invalid_token”, errorDescription: “Issuer is not valid.”}

Due to this, I can not get both authentication methods functioning via a custom domain at the same time. The document on states that the iss claim should always be the domain via which the request was done, but this does not appear to be the case here.