Background:
Currently, the NGINX Plus OIDC Reference Implementation doesn't use the aud claim in the request to the IdP authorization endpoint.
- Auth0 returns an empty payload in the access token from the token endpoint.
The NGINX Developer Portal needs an access token that contains custom claims to handle partner APIs.
AC:
- Investigate and document how to add custom claims that contain groups and sub-groups.
- Reference implementation to handle aud claims in the request to the IdP authorization endpoint.
- Guideline: OIDC policy for the customizable parameters of the IdP authorization endpoint.
- Update the ACM converter if necessary, based on the change to the reference implementation.