Add ability to specify audience and issuer to validate token claims against #182
Labels
enhancement
New feature or request
Comments
|
Hi! Unfortunately, since this is special behavior not defined in the RFCs, I cannot accept such a feature. If you're confident in your design, I would recommend forking the repo and implement it yourself. 😊 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature you'd like
Hi!
Currently the audience is calculated from the app_client_id and the issuer comes from the openId config. It would be really helpful to specify the audience and issuer to validate the token claims instead. Making them additional parameters in the AzureAuthorizationCodeBearerBase setup would be perfect.
Additional context
The way our azure application registration is set up is quite customised and does not give the expected claims. This would allow us to account for this.
Many thanks!
The text was updated successfully, but these errors were encountered: