The JavaScript client libraries I maintain (both of them [1][2]) follow the updated audience value guidance and only use a single value being the issuer identifier by default. Users can inject their own additional audience values for compatibility with legacy deployments.
[1]: https://github.com/panva/oauth4webapi [2]: https://github.com/panva/openid-client S pozdravem, *Filip Skokan* On Tue, 24 Feb 2026 at 20:05, Rifaat Shekh-Yusef <[email protected]> wrote: > All, > > As part of the shepherd write-up for the *Updates to OAuth 2.0 JSON Web > Token (JWT) Client Authentication and Assertion-Based Authorization Grants* > document, > we are looking for information about implementations of this draft to > support its publication. > https://datatracker.ietf.org/doc/draft-ietf-oauth-rfc7523bis/ > > Please, reply to this email, on the mailing list, with any implementations > that you are aware of to support this document. > > Regards, > Rifaat > > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
