fix for custom domain

[wqsaali]

Changes

If your application issues an /authorize request with audience=https://login.northwind.com/userinfo, the server will return a Service not found: https://login.northwind.com/userinfo error. This is because even if you set a custom domain the API identifier for the /userinfo endpoint remains https://{YOUR_ORIGINAL_AUTH0_DOMAIN}/userinfo.

To fix this your app should instead use audience=https://{YOUR_ORIGINAL_AUTH0_DOMAIN}/userinfo. You can also remove this audience=[...]/userinfo parameter altogether if your application is flagged as OIDC-Conformant in the OAuth2 tab of the application's Advanced Settings.

References

• Docs page on "Service Not Found" for reference

Testing

• [ ] This change adds unit test coverage
• [x] This change has been tested on the latest version of the platform/language or why not

Checklist

• [x] I have read the Auth0 contribution guidelines
• [x] I have read the Auth0 Code of Conduct
• [x] All existing and new tests complete without errors
• [x] All code quality tools/guidelines in the CONTRIBUTING documentation have been run/followed

[joshcanhelp]

@wqsaali - This is great, thank you for the quick PR here. Let me think through how this works and make sure we're handling this the right way.

[joshcanhelp]

@wqsaali - Were you able to get this working or do we still need to investigate a fix here? Will be releasing a new version in the near future and would like to get this in, if needed. Happy to help investigate if you have repro steps for it failing.

Thank you 🙌

[joshcanhelp]

Closed for no activity.