Open mattiasmelin opened 3 days ago
Apparently it was using "nutid test".
Ignore the previous comment about the wrong authorization server, I removed it.
The server URL for the test environment of the authorization server is https://nutid-auth-test.sunet.se, that's the reason why the issuer is set to https://nutid-auth-test.sunet.se. At the moment we are not using the "aud" claim. We might use it in the future to specify which client (organisation) the JWT is intended for.
We have a check for allowed "aud" claims. Does this mean it can change at any time?
According to https://github.com/skolverket/dnp-usermanagement/blob/main/authentication-api/README.md#verifiering-av-jwt-som-skickas-fr%C3%A5n-provtj%C3%A4nstens-ss12000-klient the audience should be "nutid"
"aud": "nutid",
Is this correct?
When we get a call from the test environment it seems to have some other audience. I cannot see the audience at the moment since we do not log the JWT token.
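The situation discussed in this thread (a receiver with an "aud" allowlist, an issuer that may not set "aud", and no visibility into what the token carried) can be handled by logging only the `iss` and `aud` claims instead of the whole JWT. The sketch below is an added example, not code from the thread participants or the project; the function names, the `require_aud` switch and the allowlists are assumptions, and `read_claims` does not replace signature verification.

```python
import base64
import json

# Assumed policy for this sketch: issuer from the thread, "nutid" from the README.
ALLOWED_ISSUERS = {"https://nutid-auth-test.sunet.se"}
ALLOWED_AUDIENCES = {"nutid"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def read_claims(token: str) -> dict:
    """Decode the payload for diagnostics only. This does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    claims = json.loads(_b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def check_iss_aud(claims: dict, require_aud: bool) -> tuple[bool, str]:
    """Return (accepted, log_line); the log line holds only iss and aud."""
    iss = claims.get("iss")
    aud = claims.get("aud")
    # RFC 7519: "aud" may be a single string or an array of strings.
    raw = [aud] if isinstance(aud, str) else (aud if isinstance(aud, list) else [])
    auds = [a for a in raw if isinstance(a, str)]
    if iss not in ALLOWED_ISSUERS:
        ok, why = False, "issuer not allowed"
    elif not auds:
        ok, why = (not require_aud), "aud claim absent"
    elif ALLOWED_AUDIENCES.isdisjoint(auds):
        ok, why = False, "audience not allowed"
    else:
        ok, why = True, "ok"
    return ok, f"jwt iss={iss!r} aud={aud!r} result={why}"


def make_sample(claims: dict) -> str:
    # Constructed sample token with a placeholder signature, for the demo only.
    enc = lambda b: base64.urlsafe_b64encode(b).rstrip(b"=").decode()
    header = enc(b'{"alg":"RS256","typ":"JWT"}')
    return ".".join([header, enc(json.dumps(claims).encode()), "placeholder"])
```

With `require_aud=True` a token that has the expected issuer but no "aud" is rejected with `result=aud claim absent` in the log line, which is the case a strict allowlist would otherwise reject without explanation.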