I’ve set up an application using a custom domain and can successfully authenticate users to it, using the custom domain as the authority.
Now I want to add a machine-to-machine application but that is automatically configured with the auth0 domain and I can’t change it to use the custom domain.
So I can’t support both authentication methods at the same time without disabling issuer verification. Is there any way around this?
Hey, thanks for the welcome and the prompt response
I was double-checking my config as I was composing my reply and it turns out I had a mismatch - my M2M was using the xx.eu.auth0.com authority and my web app was using my custom domain auth.xx.com, so the two types of tokens had different issuers, which makes sense. Once I changed the M2M app to use the custom domain, all was good