Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Token is valid but required audience is missing #158

Open
gautierrog opened this issue Jun 28, 2023 · 1 comment
Open

Token is valid but required audience is missing #158

gautierrog opened this issue Jun 28, 2023 · 1 comment

Comments

@gautierrog
Copy link

gautierrog commented Jun 28, 2023
edited
Loading

Hello,

I'm making a token-based authentication in one of my flask application. I also use keycloak.

When the token is being verified it's expected to have client id in aud claim. AFAIK the aud claim being optional I'm confused with this requirement.

The message I get:
INFO : Token is valid but required audience is missing.
@infohash
Copy link
Contributor

infohash commented Jul 2, 2023
edited
Loading

Okay, I will make it optional in the upcoming version. I missed the line where it says it's optional to enforce. I have checked it now:

https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3

Until then, you can add your client_id in audience. In Client scopes , create a token mapper called Audience and add your client_id in the mapper.

Will be fixed in #161

@infohash infohash mentioned this issue Jul 2, 2023
Open
@infohash infohash mentioned this issue Aug 21, 2023
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@infohash @gautierrog