Table of Contents

Class CustomDomainInterceptor

Namespace
Auth0.ManagementApi.Core
Assembly
Auth0.ManagementApi.dll

A DelegatingHandler that enforces the Auth0-Custom-Domain header whitelist.

The Auth0-Custom-Domain header is only meaningful for specific Management API endpoints that generate user-facing links (email verification, password reset, invitations, etc.). This handler strips the header from requests to any path not on the whitelist, preventing it from leaking to unrelated endpoints.

Whitelisted paths:

  • POST /tickets/email-verification
  • POST /tickets/password-change
  • POST /organizations/{id}/invitations
  • POST /guardian/enrollments/ticket
  • POST /jobs/verification-email
  • POST /jobs/users-imports
  • POST /users and PATCH /users/{id}
  • POST /self-service-profiles/{id}/sso-ticket
public class CustomDomainInterceptor : DelegatingHandler, IDisposable
Inheritance
CustomDomainInterceptor
Implements
Inherited Members
Extension Methods

Constructors

CustomDomainInterceptor()

Initializes a new instance of CustomDomainInterceptor with a default HttpClientHandler as the inner handler.

public CustomDomainInterceptor()

CustomDomainInterceptor(HttpMessageHandler)

Initializes a new instance of CustomDomainInterceptor wrapping the specified inner handler.

public CustomDomainInterceptor(HttpMessageHandler innerHandler)

Parameters

innerHandler HttpMessageHandler

The inner HttpMessageHandler to delegate to.

Exceptions

ArgumentNullException

Thrown when innerHandler is null.

Fields

HeaderName

The name of the custom domain header.

public const string HeaderName = "Auth0-Custom-Domain"

Field Value

string

Methods

SendAsync(HttpRequestMessage, CancellationToken) 

protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)

Parameters

request HttpRequestMessage
cancellationToken CancellationToken

Returns

Task<HttpResponseMessage>