mc-round2 commented on issue #11018: URL: https://github.com/apache/apisix/issues/11018#issuecomment-1988006124
There is no relevant logs no. I find it weird that the feature is not supported though... shouldn't this be a basic feature for an API Gateway? What is the point of having a token and not being able to verify that it is the correct one for the API that is trying to connect? I could find in other plugins the mention for the audience claim, so it is not unthought of. I tried before quite a few combinations using scopes and required_scopes but Im not sure Im understanding how to use them well enough (or if it is related to begin with) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
