Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-7006

"aud" claim is required in APIcast JWT validation

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Can't Do
    • Icon: Major Major
    • None
    • None
    • Gateway
    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Undefined

      The OIDC integration with AWS Cognito (IdM) fails with this error:

      JWT: "jwt] failed verification for token, reason: 'aud' claim is required

      APIcast is requiring the claim "aud" when this claim, in the Json Web Token spec https://tools.ietf.org/html/rfc7519#section-4.1.3 , is optional. 

      It would be nice set this field as an "optional" in the JWT validation.

       

       

              Unassigned Unassigned
              sgutierr@redhat.com Sergio Gutierrez Romero
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: