diff --git a/package-lock.json b/package-lock.json
index f785a2eb3..f5953a219 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -38,7 +38,8 @@
         "ts-jest": "^29.1.0",
         "ts-node": "^10.9.1",
         "typedoc": "^0.24.6",
-        "typescript": "4.9.5"
+        "typescript": "4.9.5",
+        "undici": "^6.15.0"
       },
       "engines": {
         "node": ">=18"
@@ -7247,6 +7248,15 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/undici": {
+      "version": "6.15.0",
+      "resolved": "https://a0us.jfrog.io/artifactory/api/npm/npm/undici/-/undici-6.15.0.tgz",
+      "integrity": "sha512-VviMt2tlMg1BvQ0FKXxrz1eJuyrcISrL2sPfBf7ZskX/FCEc/7LeThQaoygsMJpNqrATWQIsRVx+1Dpe4jaYuQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=18.17"
+      }
+    },
     "node_modules/update-browserslist-db": {
       "version": "1.0.11",
       "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz",
@@ -12875,6 +12885,12 @@
         "which-boxed-primitive": "^1.0.2"
       }
     },
+    "undici": {
+      "version": "6.15.0",
+      "resolved": "https://a0us.jfrog.io/artifactory/api/npm/npm/undici/-/undici-6.15.0.tgz",
+      "integrity": "sha512-VviMt2tlMg1BvQ0FKXxrz1eJuyrcISrL2sPfBf7ZskX/FCEc/7LeThQaoygsMJpNqrATWQIsRVx+1Dpe4jaYuQ==",
+      "dev": true
+    },
     "update-browserslist-db": {
       "version": "1.0.11",
       "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz",
diff --git a/package.json b/package.json
index b0b61aff9..74d583312 100644
--- a/package.json
+++ b/package.json
@@ -79,6 +79,7 @@
     "ts-jest": "^29.1.0",
     "ts-node": "^10.9.1",
     "typedoc": "^0.24.6",
-    "typescript": "4.9.5"
+    "typescript": "4.9.5",
+    "undici": "^6.15.0"
   }
 }
diff --git a/src/auth/oauth.ts b/src/auth/oauth.ts
index caaa583bf..2902b1051 100644
--- a/src/auth/oauth.ts
+++ b/src/auth/oauth.ts
@@ -274,7 +274,7 @@ export class OAuth extends BaseAuthAPI {
   constructor(options: AuthenticationClientOptions) {
     super({
       ...options,
-      domain: options.useMTLS ? `${mtlsPrefix}.` + options.domain : options.domain,
+      domain: options.useMTLS ? `${mtlsPrefix}.${options.domain}` : options.domain,
     });
     this.idTokenValidator = new IDTokenValidator(options);
   }
diff --git a/src/lib/models.ts b/src/lib/models.ts
index 2ffbb142c..9c72c0539 100644
--- a/src/lib/models.ts
+++ b/src/lib/models.ts
@@ -1,4 +1,5 @@
 import { RetryConfiguration } from './retry.js';
+import { Dispatcher } from 'undici';
 
 /**
  * @private
@@ -25,8 +26,7 @@ export interface Configuration {
   /**
    * Pass your own http agent to support proxies.
    */
-  // https://github.com/octokit/types.ts/blob/v10.0.0/src/RequestRequestOptions.ts#L13
-  agent?: unknown;
+  agent?: Dispatcher;
   /**
    * Custom headers that will be added to every request.
    */
diff --git a/test/auth/client-authentication.test.ts b/test/auth/client-authentication.test.ts
index 807bf06b5..9a830b86f 100644
--- a/test/auth/client-authentication.test.ts
+++ b/test/auth/client-authentication.test.ts
@@ -3,7 +3,7 @@ import { jest } from '@jest/globals';
 import * as jose from 'jose';
 import { AuthenticationClient } from '../../src/index.js';
 import { TEST_PUBLIC_KEY, TEST_PRIVATE_KEY } from '../constants.js';
-
+import { Agent } from 'undici';
 const URL = 'https://tenant.auth0.com/';
 const clientId = 'test-client-id';
 const verifyOpts = {
@@ -241,9 +241,9 @@ describe('mTLS-authentication', () => {
     const auth0 = new AuthenticationClient({
       domain: 'tenant.auth0.com',
       clientId,
-      agent: {
-        options: { key: 'my-key', cert: 'my-cert' },
-      },
+      agent: new Agent({
+        connect: { cert: 'my-cert', key: 'my-key' },
+      }),
       useMTLS: true,
     });
     await auth0.oauth.clientCredentialsGrant({