Konubinix' opinionated web of thoughts

Audience Claim

fleeting

One of the specified JWT claims that helps mitigate cross-JWT confusion. The resource server must ensure that it belongs to the token's audience; otherwise a malicious client might ask for a token with high privileges for another use case and then use that token to gain access it was never meant to have.
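The check described above, as an added example that is not part of the original note: a resource server verifies the signature and then refuses any token whose `aud` does not name it, even when the token is otherwise valid. The HS256 shared key, the two `*.example` audiences and the function names are assumptions made for illustration; expiry and issuer checks are left out to keep the focus on `aud`.

```python
import base64, hashlib, hmac, json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(claims: dict, key: bytes) -> str:
    """Stand-in for the authorization server: mint an HS256-signed JWT."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def verify_for_audience(token: str, key: bytes, my_audience: str) -> dict:
    """Resource-server check: valid signature AND this server is in aud."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError as exc:
        raise PermissionError("malformed token") from exc
    if header.get("alg") != "HS256":  # pin the algorithm, never trust the header
        raise PermissionError("unexpected alg")
    signed = f"{header_b64}.{payload_b64}".encode()
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise PermissionError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    aud = claims.get("aud")
    # aud may be a single string or an array of strings
    audiences = [aud] if isinstance(aud, str) else aud
    if not isinstance(audiences, list) or my_audience not in audiences:
        raise PermissionError("token not issued for this audience")
    return claims

# Constructed sample data (hypothetical key and audiences).
KEY = b"constructed-demo-key"
BILLING = "https://billing.example"
REPORTS = "https://reports.example"
# High-privilege token requested for the reports use case only.
token_for_reports = issue_token(
    {"sub": "client-1", "aud": REPORTS, "scope": "admin"}, KEY)
# Low-privilege token that legitimately names both services.
token_for_both = issue_token(
    {"sub": "client-1", "aud": [BILLING, REPORTS], "scope": "read"}, KEY)
```

Presenting `token_for_reports` to the billing service fails with `PermissionError` although its signature is valid, which is exactly the cross-use the claim is there to stop.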
