We currently we don't allow the "aud" field in an authorization token. This leads to the following problems:
- the default keycloak configuration added an "aud" field and it took us a while to remove it
- i cannot make oidc-provider-mock produce tokens without "aud" field :/
There are two solutions from my perspective:
- enforce the "aud" field, e.g. "binda" or "binda-api"
- ignore it (i.e. allow any value)
We currently we _don't allow_ the "aud" field in an authorization token. This leads to the following problems:
- the default keycloak configuration added an "aud" field and it took us a while to remove it
- i cannot make oidc-provider-mock produce tokens without "aud" field :/
There are two solutions from my perspective:
- enforce the "aud" field, e.g. "binda" or "binda-api"
- ignore it (i.e. allow any value)