PieterKas opened this issue a year ago · 1 comments
It is unclear what is meant by this processing rule for token exchange "In cases where federation to any authorization server is deliberate unknown resource or audience identifiers MAY be allowed."
Fixed in ci=ommit #18