You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ran into the same issue, seems like this is coming from the jwt library that does the claim validation. They already have an issue open for this, but not a lot of response there from the maintainers: square/go-jose#286
Unfortunately they also don't use go modules, so it's difficult to replace it with a fork.
Describe the problem
When we set multiple audience and jwt only have one audience. then we got authentication error.
jwt payload is like below
error is like below.
if we set only 1 audience. then we get success authentication
What was the expected behavior?
In my understanding,
if one of the audiences we set matches one of the client-side audiences, the authentication should succeed.
My understanding is correct?
Reproduction
please see
Describe the problem
Environment
Version of
go-jwt-middleware
used: v2.0.1The text was updated successfully, but these errors were encountered: