labd / node-federated-token

Tokens for federated services
MIT License

Set audience on request #25

Open korsvanloon opened 5 months ago

korsvanloon commented 5 months ago

Currently the audience can only be configured upon plugin creation. However the audience is dependent on the request if I understand it correctly.

This is what ChatGPT told me:

> Audience (aud) Claim:
>
> The "audience" claim (aud) identifies the intended recipient(s) for the JWT. It specifies who the JWT is meant for. In the context of an ecommerce website, the audience might be a specific service or application that needs to process the JWT.
>
> For example, it could be the ecommerce application that provides personalized user experiences. Example: If the JWT is intended for a mobile app associated with the ecommerce website, the aud claim could be set to the identifier or name of that mobile app.

mvantellingen commented 5 months ago

The audience should indicate for which app the token is. So it should be set to my-commerce-site.com for example. So this is static. The subject is the user identifier.

korsvanloon commented 5 months ago

But you can have 1 GraphQL gateway for multiple clients. E.g. my-commerce-site.nl, my-commerce-site.fr, a mobile app, or even some kind of dashboard.