Audience (aud) - CI/CD Glossary Definition
The audience claim (aud) names the intended recipient of a token; a verifier must reject a token whose audience does not match itself to prevent token reuse against the wrong service.
Why validate it
Without audience validation, a token minted for service A could be replayed against service B. Always check that aud equals your own identifier.
In CI/CD
When requesting an OIDC token, set the audience to the specific cloud or API you will call so it cannot be reused elsewhere.
Related guides
Claim - CI/CD Glossary DefinitionClaim: A claim is a name-value statement carried inside a token, such as `sub`, `iss`, or a custom field, tha…
Issuer (iss) - CI/CD Glossary DefinitionIssuer (iss): The issuer claim (`iss`) identifies the authority that minted a token; a verifier trusts a toke…
JSON Web Token (JWT) - CI/CD Glossary DefinitionJSON Web Token (JWT): A JSON Web Token (JWT) is a compact, URL-safe token (RFC 7519) with three base64url par…