Audiences in Jwt are not allowed

I am trying to follow the Client Credentials flow. I am able to get an access token using

curl --request POST \
  --url <domain>/oauth/token \
  --header 'content-type: application/json' \
  --data '{"client_id":"<client_id>","client_secret":"<client_secret>","audience":"<domain>/api/v2/","grant_type":"client_credentials"}'

When I try to use the generated Access Token, I get 403 Audiences in Jwt are not allowed

Question: Why does the generated access_token has aud claim set to <domain>/api/v2 instead of the client_id? The usual behaviour that we see when using a UI application.

Hey there @sahil2 welcome to the community!

How exactly are you attempting to use this access token? The audience of <domain>/api/v2 is specifically used to get Management API access tokens. The audience claim will always be an API identifier, either your own registered API or the Management API.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.