If you have an API that will be called from different application then you should consider sending an appropriate access token instead of the ID token. For reference information see (Authentication and Authorization Flows), but the main point is that an ID token is a token issued always in association with the particular client that started the authentication and an access token is a token that can be requested for a specific API identifier.
The above means that multiple applications (client identifiers) will be able to request an access token to the same API and the audience claim in that access token will be API identifier itself. This way you maintain audience validation in the API while also allowing multiple application to obtain tokens for the API.