Issuer claim mismatch for Universal Login


I’m integrating a .NET framework web app with Auth0. It works fine using our test tenant with the default login.

However, we are having difficulties integrating a customer Auth0 tenant that utilizes Universal Login with a custom domain. There are currently 3 different login method allowed for the app: database, microsoft and ADFS.

If the app is configured to use the auth0 url (* as the domain, database and microsoft authentication work but ADFS fails with the following:

Issuer (iss) claim mismatch in the ID token; expected “https://*”, found “https://custom_url”.

If the configuration is switched to use the custom domain URL, ADFS works but database and microsoft authentication fail with the tokens flipped in the error message.

Issuer (iss) claim mismatch in the ID token; expected “https://custom_url”, found “https://*”.

Where exactly is the configuration broken?


Hi @baflynn47,

Welcome to the Community!

I noticed you also filed a support ticket on this issue. I am going to let the support team take the lead and I will update this post when the process is completed.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.