The endpoint can contain a domain, yes. However, the correct behavior is to look up that domain using the DNS server that exists prior to turning on WireGuard. Otherwise you'd have a chicken&egg problem with tunnel-only accessible DNS servers.