I am trying to follow the Client Credentials flow. I am able to get an access token using:
curl --request POST \
--url <domain>/oauth/token \
--header 'content-type: application/json' \
--data '{"client_id":"<client_id>","client_secret":"<client_secret>","audience":"<domain>/api/v2/","grant_type":"client_credentials"}'
When I try to use the generated access token, I get: 403 Audiences in Jwt are not allowed
Question: Why does the generated access_token have its aud claim set to <domain>/api/v2 instead of the client_id, which is the usual behaviour that we see when using a UI application?
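
Added example, not part of the original post: a diagnostic that decodes a token's payload without verifying the signature and compares its aud claim with the audiences a resource server is configured to accept. In the client credentials grant the aud claim carries the API identifier sent as `audience`, so a validator that only lists the client_id rejects the token. The tenant URL, client id and function names below are constructed placeholders.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def token_audiences(jwt: str) -> list:
    """Return the aud claim as a list. Diagnostic only: no signature check."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected three dot-separated segments")
    claims = json.loads(b64url_decode(parts[1]))
    aud = claims.get("aud", [])
    # RFC 7519 section 4.1.3: aud is a single string or an array of strings.
    return [aud] if isinstance(aud, str) else list(aud)


def audience_allowed(jwt: str, allowed: set) -> bool:
    """Exact, case-sensitive match, so a trailing '/' difference fails."""
    return any(a in allowed for a in token_audiences(jwt))


def make_sample_token(claims: dict) -> str:
    """Constructed token with a dummy signature; not a real credential."""
    header = b64url_encode(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.{b64url_encode(b'constructed-signature')}"


# Constructed values standing in for <domain> and <client_id>.
API_AUDIENCE = "https://tenant.example/api/v2/"
CLIENT_ID = "constructed-client-id"
TOKEN = make_sample_token({"iss": "https://tenant.example/", "aud": API_AUDIENCE})

if __name__ == "__main__":
    print("aud in token:", token_audiences(TOKEN))
    # Validator configured with the client id, a slash-less URL, then the exact API id.
    for allowed in ({CLIENT_ID}, {"https://tenant.example/api/v2"}, {API_AUDIENCE}):
        print(sorted(allowed), "->", audience_allowed(TOKEN, allowed))
```

Run against a real token, `token_audiences` shows what the issuer actually put in aud, which is the value the gateway or API in front of the resource has to list among its accepted audiences.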