Hi guys,
I feel frustrated with your support service. I have created a ticket and nobody has answered, I also called at the phone numbers on the home page. My subscription includes support. Could anyone please help me, the ticket number is: #00456537.
Hello, @robi1
I am sorry that you feel frustrated. Our Support team is constantly working on help our customers so I am sure they will get back to you anytime soon.
In the meantime, have you followed this documentation? Configure Features to Use Custom Domains
thanks!
@karen.bermudez, thank you for the quick reply.
I already did. this is how my Auth Object is set:
export const environment = {
auth0: {
domain: âlogin.mydomain.comâ, //omitted for security
clientId: â**********770hjqcGâ, // omitted for security
callbackURL: ${window.location.origin}/Callback ,
appURL: window.location.origin,
allowedConnections: [âUsername-Password-Authenticationâ],
auth0Tenant: âlockhartandleithâ,
authorizationServer: {
issuer: âlogin.mydomain.comâ,
}
}
}
In the Auth.service.ts we have:
private options = new BehaviorSubject({
auth: {
redirectUrl: environment.auth0.callbackURL,
responseType: âtoken id_tokenâ,
audience: https://${environment.auth0.domain}/userinfo ,
params: {
scope: âopenid profileâ,
trainer_slug: ââ
}
},
allowedConnections: environment.auth0.allowedConnections,
autoclose: true,
oidcConformant: true,
closable: false,
rememberLastLogin: false,
allowForgotPassword: true,
forgotPasswordLink: ${window.location.origin}/${this.urlSlug}/reset-password ,
configurationBaseUrl: âhttps://cdn.auth0.comâ,
overrides: {
__tenant: environment.auth0.auth0Tenant,
__token_issuer: environment.auth0.authorizationServer.issuer
},
} as Auth0LockConstructorOptions)
this.lock = new Auth0Lock(
environment.auth0.clientId,
environment.auth0.domain,
this.options.value
);
Any thoughts?
Hello!
After reading your code I found why you are getting an error.
If you read this documentation: Configure Features to Use Custom Domains, it will explain the following:
If you use the Auth0 APIs, such as the Management API, the API identifier will use your default tenant domain name (such as
https://YOUR_TENANT.auth0.com/userinfoandhttps://YOUR_TENANT.auth0.com/api/v2/).
Being said that, when you specify the audience to get /userinfo (when you make this call you are calling our Authentication API) you must pass your tenant url and not the custom domain, otherwise this will not work as our API does not identify your custom domain as existent.
This should solve your issue, it seems everything else looks fine on your code.
I hope I got to help you.
Thank you!
I updated my code. When I hit the login button the following is returned:
{error: âinvalid_tokenâ, errorDescription: âIssuer (iss) claim mismatch in the ID token, expecâŚâlogin.gdtr.bizâ, found âhttps://login.gdtr.biz/ââ}
Hi!
If you try changing your domains adding the âhttps://â ?
thanks!
@karen.bermudez
I changed the domain to: âhttps://login.gdtr.bizâ and got the following:
Issuer (iss) claim mismatch in the ID token, expected âlogin.gdtr.bizâ, found âhttps://login.gdtr.biz/â
hmmmm, I wonder if itâs something about the Issuer configuration that is missing
I found in here Configure Features to Use Custom Domains that you should validate the JWT issuer(s) against your custom domain
I will keep searching about this specific error
Thank you!
Hello @karen.bermudez
I updated my code and now I was able to set up my custom domain using the embedded login flow. However, when disabling third party cookies Iâm getting this error {error: âaccess_deniedâ, errorDescription: âUnknown or invalid login ticket.â, state: âSbGMg-h7K0Ix7gbPJFh-p7NAzTVNqXzZâ}. The reason why we paid for a custom domain was to convert third-party cookies into first-party cookies. Am I missing any configuration step?
Hi @karen.bermudez,
Did you have the chance to look in to the issue related to the âInvalid login ticketâ ?