Different users coming through VPN to my service

I have a web service (php, sql etc) running on an AWS account. I have openVPN setup, so users must establish the VPN connection, then the IP address will work.

I currently have this set as example123.noip.com which goes to 172.xxx.xxx.123

And this works.

My service is taking off, and I want to be able to offer it to other firms, BUT i want to be able to keep multiple firms hosted on the same AWS instance, but I would like to give each company a seamless experience, so for example I am thinking i can setup more noip addresses: clientcompany1.noip.com -> 172.xxx.xxx.123 clientcompany2.noip.com -> 172.xxx.xxx.123 clientcompany3.noip.com -> 172.xxx.xxx.123

So Mr X from Company3 goes to clientcompany3.noip.com and it will show his my service pages branded as Company 3... (they will not be aware other companies are hosted on that aws account)

(and some point I might need to add a separate AWS instance, and then I can just flip clientcompany3.noip.com -> 172.xxx.xxx.new address 456)

BUT - what is the best way to detect or route this within AWS? Do I just do some redirection detection from the HTTP headers using PHP? Is there a clever way to have traffic routed in with openVPN?

Ok, so I think the best way is to route my domain via Cloudflare.

I can then have subdomains defined as A records, routing to the private IP or public IP addresses for each service (so some users might have a static IP address which I can allow through the AWS firewall rules, so these are routed to the public IP address), whereas the rest have to activate the VPN and then that routes to the VPN private address.

My PHP header checks the SERVER['HTTP_HOST'] and will detect e.g. "clinicABC.example.com" and present the branding for ABC Clinic.