The documentation at https://developer.apple.com/documentation/mapkitjs/creating_and_using_tokens_with_mapkit_js states clearly that an asterisk can be used in the origin field of the MapKit JS Token to match multiple origin values. I quote:
origin — An optional claim that constrains the token to a specific website or domain. The value of this claim is a fully qualified domain that matches the Origin header passed by a browser. Use the asterisk character (*) in the domain to match multiple origin values. Don’t include a trailing slash as part of the origin claim.
So I created a token with an origin like https://*.mydomain.com and was very surprised (read: disappointed) when I deployed it and the authorization call towards Apple servers responded with this error:
[MapKit] Initialization failed because the authorization token is invalid. Origin does not match - expected: https://*.mydomain.com, actual: https://www.mydomain.com
Has anyone else had a similar issue, or success when using wildcard subdomains with MapKit JS Tokens?
