aud claim

RU: aud claim

The aud claim in a JWT (RFC 7519) identifies the intended recipients of the token — typically a resource server URI or client ID. If the processing party does not find its own identifier in aud, it must reject the token. Validating aud prevents token confusion attacks where a token issued for one service is replayed against another.