Ensure audience validation on access token

thehyve / transmart-core

Core components and documentation of the tranSMART platform. https://i2b2transmart.org/

GNU General Public License v3.0

13 stars 13 forks source link

Ensure audience validation on access token #458

Closed ewelinagr closed 5 years ago

ewelinagr commented 5 years ago

According to OIDC specification: "The Client MUST validate that the aud (audience) Claim contains its client_id value registered at the Issuer identified by the iss (issuer) Claim as an audience."

Related ticket: TMT-383