Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi everyone. I'm TJ I am new user of oathkeeper.

Currently I setup oathkeeper to work with Keycloak.
I use token introspection from oathkeeper and I think it is very good.
I'm very grateful to join this group :clap:

Btw I've an issue related this audience field in this *<https://github.com/ory/oathkeeper/blob/e4e2263c7b97e47506919e29442efb395eaba99d/pipeline/authn/authenticator_oauth2_introspection.go#L90|CODE>*.
I got response from keycloak that the audience possible return a single string based on this documentation -&gt; *<https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation|URL>*

Because of that, the response always failed to unmarshal.

Anyone face the similar issue / any suggestions ?

Thank you