njwt icon indicating copy to clipboard operation
njwt copied to clipboard

Published 20 hours ago verified publisher icon jwtk

Library does not seem to comply with 'aud' claim verification

Open chadjaros opened this issue 6 years ago • 0 comments

The JWT RFC specifies that if the Audience is provided in the token, the verifier MUST provide the matching audience or the validation MUST fail.

https://tools.ietf.org/html/rfc7519#section-4.1.3

This does not seem to be enforced at this time.

chadjaros avatar Jul 09 '18 14:07 chadjaros