What value in JWT is adopted as the client id on 3scale
Issue
- We have a 3scale instance that'll be processing JWT OIDC tokens generated by a third-party. Does 3scale handle situations where there are multiple entries in the AUD claim?
Future JWT tokens will look something like this:
{
"permissions": [
{
"resource_id": "90ccc6fc-b296-4cd1-881e-089e1ee15957",
"resource_name": "Hello World Resource"
}
],
"exp": 1465314139,
"nbf": 0,
"iat": 1465313839,
"aud": ["abcde","12345"],
"active": true
}
If this token is sent to a 3scale API endpoint that's configured for OIDC and the Client ID is set to 12345
on the 3scale side (under the API Credentials section), will this token be honored?
Environment
- Red Hat 3scale API Management 2.4.0 On-Premises
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.