I'm sorry, but the knowledge sources do not contain any information about updating the WebFinger configuration on Ory Cloud or whether it should match your custom domain. The available documentation covers custom domains, OAuth2 issuer URLs, CORS, and related configuration, but does not mention WebFinger specifically. If you need guidance on WebFinger configuration, I recommend reaching out to Ory support or checking the official documentation for updates.

The knowledge sources do not provide a direct definition or detailed explanation of "webfinger configuration" in the context of Ory. However, from the available documentation, it is clear that "webfinger" appears as a configuration section within Ory OAuth2/OpenID Connect settings, particularly related to endpoints and key management. For example, the OAuth2 configuration includes a section like:

"webfinger": {   "jwks": {},   "oidc_discovery": {} }

Additionally, the documentation mentions that to broadcast a created keyset on the

/.well-known/jwks.json

endpoint, you need to add it to the OAuth2 configuration under the webfinger section:

ory patch oauth2-config --project <project-id> --workspace <workspace-id> \   --add '/webfinger/jwks/broadcast_keys/-="custom_keyset"'

This suggests that the "webfinger configuration" is related to how Ory exposes well-known endpoints (such as for JSON Web Key Sets and OIDC discovery) and manages which keysets are broadcast for token verification purposes. However, a full definition or broader context for "webfinger configuration" is not explicitly provided in the knowledge sources [Cryptographic key management and JSON Web Key Sets (JWKS)](https://www.ory.sh/docs/hydra/jwks#the-role-of-well-knownjwksjson).