Auth0 API

Custom Domains

custom_domains

Methods

Configure A New Custom Domain -> { custom_domain_id, domain, primary, 5 more... }
post/custom-domains

Create a new custom domain.

Note: The custom domain will need to be verified before it will accept requests.

Optional attributes that can be updated:

  • custom_client_ip_header
  • tls_policy

TLS Policies:

  • recommended - for modern usage this includes TLS 1.2 only
  • compatible - compatible with older browsers this policy includes TLS 1.0, 1.1, 1.2

Some considerations:

  • The TLS ciphers and protocols available in each TLS policy follow industry recommendations, and may be updated occasionally.
  • Do not use the compatible TLS policy unless you have clients that require TLS 1.0.
Delete Custom Domain Configuration ->
delete/custom-domains/{id}

Delete a custom domain and stop serving requests for it.

Get Custom Domains Configurations -> Array<
CustomDomain
>
get/custom-domains

Retrieve details on custom domains.

Get Custom Domain Configuration ->
CustomDomain
get/custom-domains/{id}

Retrieve a custom domain configuration and status.

Update Custom Domain Configuration -> { custom_domain_id, domain, primary, 5 more... }
patch/custom-domains/{id}

Update a custom domain.

These are the attributes that can be updated:

  • custom_client_ip_header
  • tls_policy
Updating CUSTOM_CLIENT_IP_HEADER for a custom domain
To update the custom_client_ip_header for a domain, the body to send should be: 
{ "custom_client_ip_header": "cf-connecting-ip" }
Updating TLS_POLICY for a custom domain
To update the tls_policy for a domain, the body to send should be: 
{ "tls_policy": "recommended" }

TLS Policies:

  • recommended - for modern usage this includes TLS 1.2 only

Some considerations:

  • The TLS ciphers and protocols available in each TLS policy follow industry recommendations, and may be updated occasionally.
  • The compatible TLS policy is no longer supported.
Verify A Custom Domain -> { custom_domain_id, domain, primary, 7 more... }
post/custom-domains/{id}/verify

Run the verification process on a custom domain.

Note: Check the status field to see its verification status. Once verification is complete, it may take up to 10 minutes before the custom domain can start accepting requests.

For self_managed_certs, when the custom domain is verified for the first time, the response will also include the cname_api_key which you will need to configure your proxy. This key must be kept secret, and is used to validate the proxy requests.

Learn more about verifying custom domains that use Auth0 Managed certificates. Learn more about verifying custom domains that use Self Managed certificates.

Domain types

CustomDomain = { custom_domain_id, domain, primary, 6 more... }