RobertAlbus
commented
11 months ago Commit log needs work.
It would be great to be able to configure if the cid check should be bypassed. I have a scenario where cid is not critical, as the configuration is wide open within the walled garden. I still want to be able to validate audience, scope, etc. just not the cid. @adithyasampatoor are you open to that kind of feature request? I can log an issue if so.
cid check only if we have cid in claims, in my case, I do not have cid in claims. The package just error out. I add a check there to avoid that.