22Ağu
Bypassing OpenID Connect audience claim with implicit grant
As an example, let’s look at how authentication works with Kubernetes:
Specifically, let’s focus on what the api server does. To authenticate the request, it:
Verifies that the JWT signature is valid
Checks that the JWT isn’t expired
…