Thanks @prashant I do have an API configured. I have also tried removing the audience and pointed to a Client but it still gives the same claims. I believe the token I have is an access_token? I recognized my sub claim as the clientId of the API I called?
I read debugging can help reading the HAR? But I’m not sure which endpoint would be best to check? Also the file generated is too big to attach here?