To receive an JWT instead of an Opaque Token I pass an Audience during /authorize. However, the Audience that I pass (explicitly) is dumped and replaced by “https://localhost:8787”
Where is this coming from? Funny enough, this seems to be concated (https://…) since i dont even run TLS locally.
Also why do I have to set an audience if it is dumped anyways? Just to mention, I dont have a default audience set in my tenant.
Also, the docs state (!) " It’s recommended to use a URI but it’s not actually necessary since this is just a unique identifier."
Why is the audience the expected to be the calling host?
If I create an API with “https://localhost:8787” everything works fine - but this is unexpected behaviour as far as I understand. I went 3 times through all of the docs , but did not find anything about this. Maybe someone can help