Docs

Configure Custom Domains with Auth0-Managed Certificates

Configure Custom Domains with Auth0-Managed Certificates

Feature availability

Auth0 custom domains are available with any paid subscription plan. If you want to manage the SSL/TLS certificates yourself, you will need an Enterprise subscription. For more information refer to Auth0 pricing plans.

If you choose to have Auth0 manage the certificates for your custom domain, it requires only that you add a CNAME record on the domain. Auth0 validates the record and the generates the certificate on Auth0 servers using Let’s Encrypt. These certificates are renewed automatically every three months. You can configure this easily and you won't have to maintain the certificates yourself.

To set up your custom domain using Auth0-managed certificates, you need to provide your domain name to Auth0, verify that you own that domain, and then complete additional configuration for the Auth0 features you are using.

Provide your domain name to Auth0

  1. Go to Dashboard > Tenant Settings.

  2. Select the Custom Domains tab.

Tenant Settings

  1. Enter your custom domain in the provided box and select Auth0-managed certificates.

  2. Click Add Domain.

You can only add one domain per tenant even though the Add Domain button still appears after you add a domain.

Verify ownership

Before you can use the domain with Auth0, you'll need to verify that you own it.

  1. Go to Dashboard > Tenant Settings, add the CNAME verification record listed in the Dashboard to your domain's DNS record.

DSN Record

  1. Click Verify to proceed.

It may take a few minutes before Auth0 is able to verify your CNAME record, depending on your DNS settings. If Auth0 was able to verify your domain name, you'll see a confirmation window. This means the verification process is complete and within 1 to 2 minutes, your custom domain should be ready to use.

Add the CNAME verification record to your domain's DNS record

Once added, the CNAME record must be present at all times to avoid issues during certificate renewal.

The following steps may vary for your domain host provider.

  1. Log in to your domain management service.

  2. Create a new record.

Parameter Value
Record type CNAME
Name Enter your custom domain name (such as login.northwind.com).
Time to Live (TTL) Use default value
Value Paste in the CNAME value provided by the Auth0 Dashboard for your domain's DNS record.
  1. When done, save your record.

If Auth0 was able to verify your domain name, you'll see a confirmation window. This means the verification process is complete and within 1 to 2 minutes, your custom domain should be ready to use.

Domain Verification

If you are unable to complete the verification process within three days, you'll need to repeat these steps.

Additional steps for specific Auth0 features

There are additional configuration steps you must complete depending on which Auth0 features you are using. See the Configure Custom Domains for Specific Features document for more information.

Keep reading