Locking down audience with password-realm grant

I have two versions of an API: prod and dev. So I defined two separate API’s, clients and connections/realms. I need to use the password-realm grant to support some legacy functionality.

The problem is that if I have valid credentials from the dev realm, I can use the dev client and request a token for the prod audience. Then I can use that access_token to make requests to the prod API and the token will be validated.

How can I lock down the audience so that only users from the prod realm, using the prod client can request tokens for the prod audience?

When I go to API settings > Non-Interactive Clients I disable all the clients but that doesn’t have any effect on the password-realm grant.

I’m thinking of creating a Rule that will check the requested audience against the connection used to authenticate the user and if there’s a mismatch, denying the request. I really thought there was some out of the box solution though. It feels like I’m misunderstanding something and working against the grain.