Is it necessary to verify iss claim in a jwt if the jwk_urls are configured?
I am using auth0, and I have a setup a custom domain. As a result, depending on how I login, I can have multiple iss claims, for example :
https://example.auth0.com
https://auth.example.com
So I have to configure all my backend services …