diff --git a/docs/developer-docs/web-apps/user-login/internet-identity/alternative-origins.mdx b/docs/developer-docs/web-apps/user-login/internet-identity/alternative-origins.mdx index 7832c7a40b..c7fa5f3ef6 100644 --- a/docs/developer-docs/web-apps/user-login/internet-identity/alternative-origins.mdx +++ b/docs/developer-docs/web-apps/user-login/internet-identity/alternative-origins.mdx @@ -31,15 +31,19 @@ For more information, see the [Internet Identity specification](https://github.c ## Configuring alternative origins -For this example, you will have two domains, **A** and **B**. **A** will be the canonical origin, and **B** will be the alternative domain. To help illustrate this model, consider this website, which is hosted both at https://internetcomputer.org and https://hwvjt-wqaaa-aaaam-qadra-cai.icp0.io. +For this example, you will have two domains, **A** and **B**. **A** will be the canonical origin, and **B** will be the alternative domain. To help illustrate this model, consider this website, which is hosted both at `https://yourcustomdomain.com` and `https://www.yourdomain.com`. -In this example, **A** would be the canister ID, or https://hwvjt-wqaaa-aaaam-qadra-cai.icp0.io. +In this example, **A** would be `https://yourcustomdomain.com`. -**B** would be the alternative origin, or https://internetcomputer.org. +**B** would be the alternative origin, or `https://www.yourdomain.com`. + +:::info +Your custom domains must be registered with the boundary nodes. +::: ### Listing origins -For origin **A**, you will need to provide a file that tells Internet Identity that **B** is a valid origin. You'll be placing the config files in `src/assets` directory of your frontend canister. If your frontend canister is currently configured to deploy assets from a `dist` folder, make sure to update the `sources` for your canister to include both: +On origin **A**, you will need to provide a file that tells Internet Identity that **B** is a valid alternative origin. You'll be placing the config files in `src/assets` directory of your frontend canister. If your frontend canister is currently configured to deploy assets from a `dist` folder, make sure to update the `sources` for your canister to include both: ```json "source": [ @@ -112,4 +116,4 @@ Then, configure the `.well-known` directory to be included, with: This includes a general rule to not ignore the `.well-known` directory, and rules to deliver the `ii-alternative-origins` with access control and content-type headers. -Then, all you need to do is deploy your canister. When you attempt to authenticate from origin **B** from then on, you will get back the same principal you get while using **A**. +Then, all you need to do is deploy your canister. When you attempt to authenticate from origin **B** from then on, you will get back the same principal you get while using **A**. This needs to be supplemented with the information configured with the `AuthClient` to specifically request to use domain **A** when authenticating from **B**, i.e. set `derivationOrigin` in call options to `login`.