Hello,
I have noticed this section when setting up a new tenant:
auth0.com, webtask.io and webtask.run are Auth0 domains and therefore cannot be used as a namespace identifier.
Unfortunately we have 3-4 older tenants which did exactly this and haven’t been modified in a number of months. These rules run fine, and if they broke it would kill our login. What will happen to those in the long term?
When was this restriction added?
You are correct that this was not previously restricted. This was put in place to conform to the OIDC specification. Note that if you are not using OIDC/OAuth this won’t restrict your rules, its only necessary to namespace in OIDC.
If you are, both authentication pipelines (OIDC-conformant and legacy) will be usable until further notice. Currently, there is not a date in place when this will absolutely need to be changed for older tenants. However, we strongly recommend that you update the namespace identifiers to be OIDC-conformant in the near future.
Please let me know if that answers your question or if you have any further questions.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.
