Getting Access Denied Error with the Custom Domain using Terraform

Overview

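When Terraform runs with the Auth0 provider configured to use the tenant's custom domain, requests to the Management API fail with an access_denied error.

Example: provider configuration that does not work in Terraform with the custom domain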
provider "auth0" {
domain = "https://my-domain.com"
client_id = "<client-id>"
client_secret = "<client-secret>"
debug = "<debug>"
}

Example: error message
Error: request failed: Get "https://my-domain.com/api/v2/actions/actions/394493dd-7d81-402b-83c4-50a17ff41ba5": oauth2: cannot fetch token: 403 Forbidden
│ Response: {"error":"access_denied","error_description":"Service not enabled within domain: https://my-domain.com/api/v2/"}

 

Example: the same configuration works in Terraform when it uses the canonical domain
provider "auth0" {
domain = "https://my-domain.us.auth0.com"
client_id = "<client-id>"
client_secret = "<client-secret>"
debug = "<debug>"
}

Applies To

  • Terraform

Solution

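The Auth0 Terraform provider supports the custom domain for the Management API; however, when initializing the provider, pass the audience parameter set to the Management API address (/api/v2/) on the canonical domain. The error message above names https://my-domain.com/api/v2/ as the service that is not enabled: without an explicit audience, the token is requested for the Management API on the custom domain rather than on the canonical one. In the example below, if the tenant is in the US-3 region, the tenant's canonical domain is a sub-domain of us.auth0.com.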

provider "auth0" {
domain = "https://my-domain.com"
audience = "https://my-domain.us.auth0.com/api/v2/"
client_id = "<client-id>"
client_secret = "<client-secret>"
debug = "<debug>"
}
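A pre-flight check for this misconfiguration, as an added example that is not part of the original article or of the Auth0 provider: it scans Terraform text for provider "auth0" blocks that use a custom domain without a canonical audience, so the problem is caught before the 403. The function names are hypothetical, the sample blocks are constructed from the ones above, and treating any host ending in .auth0.com as canonical is an assumption.

```python
import re
from urllib.parse import urlparse

# Constructed sample input, modelled on the failing and corrected blocks above.
FAILING = '''provider "auth0" {
  domain        = "https://my-domain.com"
  client_id     = "<client-id>"
  client_secret = "<client-secret>"
}'''
FIXED = '''provider "auth0" {
  domain        = "https://my-domain.com"
  audience      = "https://my-domain.us.auth0.com/api/v2/"
  client_id     = "<client-id>"
  client_secret = "<client-secret>"
}'''

# Simplified matching: literal string attributes only, no nested braces or variables.
PROVIDER_RE = re.compile(r'provider\s+"auth0"\s*\{(.*?)\}', re.S)
ATTR_RE = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"', re.M)

def host_of(value):
    """Return the lowercase host of a domain written with or without a scheme."""
    parsed = urlparse(value if "://" in value else "https://" + value)
    return (parsed.hostname or "").lower()

def is_canonical(host):
    # Assumption: canonical tenant domains end in .auth0.com, as in the article's example.
    return host.endswith(".auth0.com")

def check_auth0_providers(hcl_text):
    """Return one finding per auth0 provider block that would hit the 403 above."""
    findings = []
    for block in PROVIDER_RE.finditer(hcl_text):
        attrs = dict(ATTR_RE.findall(block.group(1)))
        domain = attrs.get("domain", "")
        if not domain or is_canonical(host_of(domain)):
            continue  # canonical domain works without audience, per the article
        audience = attrs.get("audience")
        if audience is None:
            findings.append(f"{domain}: custom domain without audience")
            continue
        aud = urlparse(audience)
        if not is_canonical((aud.hostname or "").lower()) or aud.path != "/api/v2/":
            findings.append(f"{domain}: audience {audience} is not canonical /api/v2/")
    return findings

if __name__ == "__main__":
    for name, text in (("failing", FAILING), ("fixed", FIXED)):
        print(name, check_auth0_providers(text) or "ok")
```

Blocks whose domain or audience comes from a variable are skipped by this check, since only literal string values are read.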

