Project

General

Profile

Bug #29386

Updated by Rahul Bajaj 6 months ago

Keycloak had interpretted the `aud` parameter to be the client_id in the previous version and have changed the
meaning of it in the newer versions. We must use another parameter in the JWT to validate.

Another reason why we need to change the validation parameter is also that:
-> We create different clients for hammer and foreman both, in the settings we have just one option to mention
the client_id, therefore the user will have to change the client id each time he they use hammer or foreman.
-> My suggestion, for validation there are other fields too that we can test rather than `aud`. Therefore this change is required.

Back