I have a front-end SPA and several backend services with different client_id, let’s say “spa”, “service1”, “service2”. I initiate the authentication flow with my SPA, and I wanna get an ID Token that “aud” equals to [“service1”, “service2”] and “azp” equals to “spa”.
So, how can I do that? I didn’t find where I can specify the audience values in an id_token.
I have tried to add an audience parameter appended to the authorization endpoint but I got the audience in the access_token, not the id_token. I know that there are two types of audience concept of id_token and access_token. My service1 and service2 are both Relying Party Client, not Resource Service, so they should consume id tokens.