Issuer invalid with custom domain

I have used the ASP.NET Core tutorial to connect my ASP.NET Core app and request an access token for my API.

This works fine, until I try to use my custom domain. When I switch to it, I receive an Unauthorized response with the following header.

www-authenticate: Bearer error=“invalid_token”, error_description=“The issuer is invalid”

What do I need to do to make the API recognize the custom domain?

Have you also changed to the custom domain in your appsettings.json for your backend/API?

{
  "Auth0": {
    "Domain": "YOUR_DOMAIN",
    "ApiIdentifier": "YOUR_API_IDENTIFIER"
  }
}

See Auth0 ASP.NET Core Web API SDK Quickstarts: Authorization

Thanks @mathiasconradt. Yes I had done that, which broke other things which made me think you weren’t supposed to do that (in fact, I thought I read that.)

What I did was added a “CustomDomain” option as well, and use that in both, and continue to use the standard domain anywhere else (management API for example) so this seems to be working now.

Oh wait, now I remember why I can’t do this… the Winforms library does not play nice with custom domains. So I can’t set the API domain to the custom domain.

2 Likes

Any update @mathiasconradt on whether Winforms library allows us to set the API domain as the custom domain? The lack of support for custom domains across the product is quite frustrating as it’s a requirement for many browsers now.

@aamalek – I currently have the winforms client using my custom domain. I don’t remember what was occurring before or why it wasn’t working, but it does work now.