Seems like the SAML identity provider setting page that let you configure the Entity ID is not respected.
It appears that the entity ID is derived from the sign-in URL, which is problematic for cases where the issuer and the sign-in URL do not match (custom domains).
But in general, is there a solution for cases where there is a custom domain in Auth0 and the issuer does not match the domain?