diff --git a/kanidmd/src/lib/idm/server.rs b/kanidmd/src/lib/idm/server.rs
index 4bab675a0..09ffc69f1 100644
--- a/kanidmd/src/lib/idm/server.rs
+++ b/kanidmd/src/lib/idm/server.rs
@@ -178,7 +178,10 @@ impl IdmServer {
 })
 .and_then(|url| {
 let valid = url.domain().map(|effective_domain| {
- effective_domain.ends_with(&rp_id)
+ // We need to prepend the '.' here to ensure that myexample.com != example.com,
+ // rather than just ends with.
+ effective_domain.ends_with(&format!(".{}", rp_id))
+ || effective_domain == rp_id
 }).unwrap_or(false);
 if valid {
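Review bot: The new comparison still trusts `rp_id` to be a non-empty, normalised hostname, and nothing in this hunk checks that: with an empty `rp_id` the formatted suffix is just `.`, so an origin host written with a trailing dot would satisfy the `ends_with` arm. Unless `rp_id` is validated where the configuration is loaded (not visible here), guard it inside the closure, e.g. `!rp_id.is_empty() && (effective_domain == rp_id || effective_domain.ends_with(&format!(".{}", rp_id)))`. A regression test that, for an `rp_id` of `example.com`, accepts `example.com` and a subdomain of it and rejects `myexample.com` would pin the label boundary this commit fixes. The enclosing function starts and ends outside the hunk.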