diff --git a/core/server/services/auth/members/index.js b/core/server/services/auth/members/index.js
index 5afcf95d6f..28702ae120 100644
--- a/core/server/services/auth/members/index.js
+++ b/core/server/services/auth/members/index.js
@@ -1,8 +1,11 @@
+const URL = require('url').URL;
 const jwt = require('express-jwt');
 const membersService = require('../../members');
 const labs = require('../../labs');
 const config = require('../../../config');
 
+const siteOrigin = new URL(config.get('url')).origin;
+
 let UNO_MEMBERINO;
 
 module.exports = {
@@ -16,8 +19,8 @@ module.exports = {
 UNO_MEMBERINO = jwt({
 credentialsRequired: false,
 requestProperty: 'member',
- audience: config.get('url'),
- issuer: config.get('url'),
+ audience: siteOrigin,
+ issuer: siteOrigin,
 algorithm: 'RS512',
 secret: membersService.api.publicKey,
 getToken(req) {
diff --git a/core/server/services/members/api.js b/core/server/services/members/api.js
index 1d004010b3..8c8429d09b 100644
--- a/core/server/services/members/api.js
+++ b/core/server/services/members/api.js
@@ -60,8 +60,11 @@ const publicKey = settingsCache.get('members_public_key');
 const privateKey = settingsCache.get('members_private_key');
 const sessionSecret = settingsCache.get('members_session_secret');
 const passwordResetUrl = config.get('url');
-const issuer = config.get('url');
-const ssoOrigin = new URL(config.get('url')).origin;
+
+const siteOrigin = new URL(config.get('url')).origin;
+
+const issuer = siteOrigin;
+const ssoOrigin = siteOrigin;
 let mailer;
 
 function sendEmail(member, {token}) {
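Review bot: `siteOrigin` is derived here and again with the identical expression in the `core/server/services/members/api.js` hunk, so the verifier's `audience`/`issuer` and the signer's `issuer` match only while both copies stay in step. Exposing the value once from the members service and reading it here would remove that coupling; failing that, a comment on this line such as `// must equal the issuer set in services/members/api.js, or member token verification fails` records the dependency. Note also that `new URL(config.get('url'))` now runs when the module is required, so a missing or malformed `url` setting throws at load time instead of where the `jwt({...})` middleware is built.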
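Review bot: The `algorithm: 'RS512'` context line next to the changed `audience`/`issuer` probably does not pin the signature algorithm: express-jwt releases that pass their options through to jsonwebtoken's `verify` read the plural `algorithms` array, and a singular `algorithm` key is ignored there. If that applies to the version in use, write `algorithms: ['RS512'],` so verification is restricted to RS512 explicitly rather than by the library's key-based default. Separately, `siteOrigin` drops any path from the configured URL, so sites served from different subdirectories of one host would carry the same `aud`/`iss` and be told apart only by their keys; a short comment stating that this is intended would help. The `jwt({...})` call and `getToken` continue outside the hunk.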