Making a request for id token in oauth/token with audience returns unexpected aud value

Hi, this seems to be an entirely undocumented flow, but when requesting an access_token using the oauth/token endpoint, I want a JWT instead of an Opaque token. When I give the parameter audience (the unique audience id in my application, in the form of a URL), what I get back in the token is a random string of chars and not the expected value of our audience. Is there deeper documentation around this flow so that I can build to it?

On second look, it looks like the audience encrypted in the JWT token is the Client Id and not the audience value. Is this expected?