[OAUTH-WG] aud in JWT Response for OAuth Token Introspection

2019-05-06 Thread Takahiko Kawasaki
Hello,

I have a question regarding "JWT Response for OAuth Token Introspection" (draft-02).

https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-introspection-response/?include_text=1

How to determine the value of "aud" in the response JWT? The example payload uses "https://protected.example.n

Re: [OAUTH-WG] aud in JWT Response for OAuth Token Introspection

2019-05-15 Thread Justin Richer
This is not an easy question to answer, as resource servers in OAuth have never really had a strong identity (or identifier) within the OAuth ecosystem. The Resource Identifiers draft [1] tries to address this somewhat. In practice, many resource servers are registered and stored as “clients” at