Skip to main content
PATCH
/
custom-domains
/
default
Update the default custom domain for the tenant
curl --request PATCH \
  --url https://{tenantDomain}/api/v2/custom-domains/default \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "domain": "<string>"
}
'
{
  "custom_domain_id": "cd_0000000000000001",
  "domain": "login.mycompany.com",
  "primary": false,
  "status": "ready",
  "type": "self_managed_certs",
  "is_default": false,
  "origin_domain_name": "mycompany_cd_0000000000000001.edge.tenants.auth0.com",
  "verification": {
    "methods": [
      {
        "name": "txt",
        "record": "auth0-domain-verification=...",
        "domain": "_cf-custom-hostname.login.mycompany.com"
      }
    ],
    "status": "verified",
    "error_msg": "<string>",
    "last_verified_at": "<string>"
  },
  "custom_client_ip_header": "<string>",
  "tls_policy": "recommended",
  "domain_metadata": {},
  "certificate": {
    "status": "provisioning",
    "error_msg": "<string>",
    "certificate_authority": "letsencrypt",
    "renews_before": "<string>"
  },
  "relying_party_identifier": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

domain
string
required

The domain to set as the default custom domain. Must be a verified custom domain or the canonical domain.

Required string length: 1 - 253

Response

Default custom domain set successfully.

custom_domain_id
string
default:cd_0000000000000001
required

ID of the custom domain.

domain
string
default:login.mycompany.com
required

Domain name.

primary
boolean
default:false
required

Whether this is a primary domain (true) or not (false).

status
enum<string>
default:ready
required

Custom domain configuration status. Can be failed, pending_verification, or ready.

Available options:
pending_verification,
ready,
failed
type
enum<string>
default:self_managed_certs
required

Custom domain provisioning type. Can be auth0_managed_certs or self_managed_certs.

Available options:
auth0_managed_certs,
self_managed_certs
is_default
boolean
default:false

Whether this is the default custom domain (true) or not (false).

origin_domain_name
string
default:mycompany_cd_0000000000000001.edge.tenants.auth0.com

Intermediate address.

verification
object

Domain verification settings.

custom_client_ip_header
string | null

The HTTP header to fetch the client's IP address

tls_policy
string
default:recommended

The TLS version policy

domain_metadata
object

Domain metadata associated with the custom domain, in the form of an object with string values (max 255 chars). Maximum of 10 domain metadata properties allowed.

certificate
object

Certificate information. This object is relevant only for Custom Domains with Auth0-Managed Certificates.

relying_party_identifier
string<hostname>

Relying Party ID (rpId) to be used for Passkeys on this custom domain. If not present, the full domain will be used.