I’m trying to set up an application to work with Okta and I bumped into an issue with respect to Custom Domains. This is what I’ve done so far:
set up a custom domain for my organization
set the authorization server’s issuer URI to point to the custom domain
set the frontend Okta config to use the custom domain for the URI
When I go to my frontend, I correctly get redirected to the custom domain to login. Once I complete the login, I get redirected back to the frontend, but I get an exception stating something along the lines of “The issuer [DOMAIN] does not match [CUSTOM_DOMAIN]”, where DOMAIN is the original organization URL and CUSTOM_DOMAIN is the custom domain I set up.
Please let me know what I should do here. This feels like it’s a bug. If it’s not, I apologize please move the topic accordingly.
I just added a custom domain to my organization and frontend Okta config and am getting the same error. I am using a React SPA with the okta-react npm package and okta sign in widget.
The error is occurring when I am redirected back to implicit callback. The auth flow was working perfectly well before I enabled a custom domain and I’ve made sure that I am using the same custom domain throughout my frontend configuration. Any ideas @laura.rodriguez or others?
Ok I figured this out. I had just assumed we could replace the old issuer: {dev-xxx}/oauth2/default with something like: {mycustomurl}/oauth2/default
I didn’t realize that I had to create a new authorization server for my custom domain and use that as the issuer in my frontend. Once I did that and set my settings all worked fine.
by new authorization server do you mean a whole new ‘application’ in okta?
edit: sorry, should have done my due dil before, posting
APi–> authorization servers
can just update settings there
