I am using device authentication code flow and I’d like to access which audience the client tries to access.
The audience is set while doing POST request to https://<MY_DOMAIN>/oauth/device/code. However, when user authenticated himself, the context in the rule is missing the audience. Specifically,
both context.request.query and context.request.body are empty. And, afaik, the rules are only executed for user authentication so no rule will be executed for post request mentioned above (since it just returns a link for user to authenticate).
auth0 sets this audience to accessToken in the end, maybe it could be available somewhere?
I’d appreciate if you can help on this.