node-oauth2-jwt-bearer icon indicating copy to clipboard operation
node-oauth2-jwt-bearer copied to clipboard

Published 20 hours ago verified publisher icon auth0

Audience Checking shouldn't be forced

Open jag-eagle-technology opened this issue 1 year ago • 0 comments

Checklist

  • [X] I have looked into the Readme and Examples, and have not found a suitable solution or answer.
  • [X] I have searched the issues and have not found a suitable solution or answer.
  • [X] I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • [X] I agree to the terms within the Auth0 Code of Conduct.

Description

According to https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3 the audience claim is OPTIONAL. I'm trying to verify a token without an audience by not providing the audience parameter to this library, but this doesn't appear to be supported.

Reproduction

  1. Leave audience undefined
  2. Assertion in code checks for defined audience => error

Additional context

No response

express-oauth2-jwt-bearer version

1.6.0

Node.js version

18.18.2

jag-eagle-technology avatar May 02 '24 04:05 jag-eagle-technology