ValidateAudience: No allowed audience for client

Cantor, Scott cantor.2 at
Tue Jun 7 19:00:55 UTC 2022

On 6/7/22, 2:46 PM, "Cantor, Scott" <cantor.2 at> wrote:

    >    I cannot, however, find examples of setting an audience using the oidc-client.json or in the
    > OAuthRPMetadataProfile doc.

I fixed the missing reference in the profile page. The Client Credentials docs mention the JSON claim:

"There is no standard metadata representation for allowed audience, so this is an extension. In the case of JSON metadata, a claim called “audience” is used, while in SAML format, the <saml:Audience> element is used."

I'll add some metadata examples to the page when I have more time.

-- Scott

More information about the users mailing list