Configure Custom Domains with Auth0-Managed Certificates
Availability varies by Auth0 plan and login method
Both the login implementation you use and your Auth0 plan or custom agreement affect whether this feature is available. To learn more, read New Universal Login vs. Classic Universal Login and Pricing.
If you want Auth0 to manage the certificates for your custom domain, you only need to add a CNAME record on the domain. Auth0 validates the record and then generates the certificate on Auth0 servers. These certificates are renewed automatically every three months. You can configure this easily, and you won't have to maintain the certificates yourself.
To set up your custom domain using Auth0-managed certificates, you must provide your domain name to Auth0 and verify that you own that domain. Once verified, you will need to configure your Auth0 features to start using your custom domain.
Provide your domain name to Auth0
Go to Dashboard > Settings > Custom Domains or Dashboard > Branding > Custom Domains. Enter your custom domain in the provided box, and select Auth0-managed certificates.
Click Add Domain. You can only add one domain per tenant even though the Add Domain button still appears after you add a domain.
Verify ownership
Before you can use the domain with Auth0, you'll need to verify that you own it.
Go to Dashboard > Branding > Custom Domains and add the CNAME verification record listed in the Dashboard to your domain's DNS record.
Click Verify to proceed. It may take a few minutes before Auth0 is able to verify your CNAME record, depending on your DNS settings. If Auth0 was able to verify your domain name, you'll see a confirmation window. This means the verification process is complete, and within 1 to 2 minutes, your custom domain should be ready to use.
Add CNAME verification record to DNS record
Once added, the CNAME record must be present at all times to avoid issues during certificate renewal.
If you need to enable CNAME flattening for all subdomains managed by Cloudfare and also configure a specific subdomain to be an Auth0 custom domain, consider delegating the subdomain for Auth0 to another DNS provider. To learn more, read Delegating Subdomains Outside of Cloudflare in the Cloudflare documentation. This will enable you to use CNAME flattening for all subdomains except the one used for Auth0.
The following steps may vary for your domain host provider.
Log in to your domain management service.
Create a new record.
Parameter Value Record type CNAME Name Enter your custom domain name (such as login.northwind.com). Time to Live (TTL) Use default value. Value Paste in the CNAME value provided by the Auth0 Dashboard for your domain's DNS record. When done, save your record.
If Auth0 was able to verify your domain name, you'll see a confirmation window. This means the verification process is complete, and within 1 to 2 minutes, your custom domain should be ready to use.
If you are unable to complete the verification process, you may need to repeat these steps.
Additional steps for specific Auth0 features
There are additional configuration steps you must complete depending on which Auth0 features you are using. To learn more, see Configure Features to Use Custom Domains.