diff --git a/src/auth/baseexternalclient.ts b/src/auth/baseexternalclient.ts
index ddd79d8e..81540014 100644
--- a/src/auth/baseexternalclient.ts
+++ b/src/auth/baseexternalclient.ts
@@ -76,6 +76,7 @@ export interface BaseExternalAccountClientOptions {
   client_secret?: string;
   quota_project_id?: string;
   workforce_pool_user_project?: string;
+  universe_domain?: string;
 }
 
 /**
@@ -137,9 +138,9 @@ export abstract class BaseExternalAccountClient extends AuthClient {
   private readonly workforcePoolUserProject?: string;
   public projectId: string | null;
   public projectNumber: string | null;
+  public universeDomain?: string;
   public readonly eagerRefreshThresholdMillis: number;
   public readonly forceRefreshOnFailure: boolean;
-
   /**
    * Instantiate a BaseExternalAccountClient instance using the provided JSON
    * object loaded from an external account credentials file.
@@ -205,6 +206,7 @@ export abstract class BaseExternalAccountClient extends AuthClient {
     this.forceRefreshOnFailure = !!additionalOptions?.forceRefreshOnFailure;
     this.projectId = null;
     this.projectNumber = this.getProjectNumber(this.audience);
+    this.universeDomain = options.universe_domain;
   }
 
   /** The service account email to be impersonated, if available. */
diff --git a/test/test.baseexternalclient.ts b/test/test.baseexternalclient.ts
index 6c98df7d..0b89e840 100644
--- a/test/test.baseexternalclient.ts
+++ b/test/test.baseexternalclient.ts
@@ -283,6 +283,26 @@ describe('BaseExternalAccountClient', () => {
     });
   });
 
+  describe('universeDomain', () => {
+    it('should be undefined if not set', () => {
+      const client = new TestExternalAccountClient(externalAccountOptions);
+
+      assert(client.universeDomain === undefined);
+    });
+
+    it('should be set if provided', () => {
+      const universeDomain = 'universe.domain.com';
+      const options: BaseExternalAccountClientOptions = Object.assign(
+        {},
+        externalAccountOptions
+      );
+      options.universe_domain = universeDomain;
+      const client = new TestExternalAccountClient(options);
+
+      assert.equal(client.universeDomain, universeDomain);
+    });
+  });
+
   describe('getServiceAccountEmail()', () => {
     it('should return the service account email when impersonation is used', () => {
       const saEmail = 'service-1234@service-name.iam.gserviceaccount.com';