topic JWT with multiple aud values causes authentication error in Integration, Extension & APIs https://community.qlik.com/t5/Integration-Extension-APIs/JWT-with-multiple-aud-values-causes-authentication-error/m-p/2517964#M22198 <P>I have configured a virtual proxy in my&nbsp;<SPAN>Qlik Sense Enterprise for Windows instance with JWT authentication.</SPAN></P><P>&nbsp;</P><P><SPAN>The JWT I am providing in the Authorization header is generated by Auth0, and as such has two values for audience:</SPAN></P><P>&nbsp;</P><LI-CODE lang="javascript">"aud": [ "https://myapp.com", "https://anna-development.auth0.com/userinfo" ],</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>I have the expected aud value in the virtual proxy set to "<A href="https://myapp.com" target="_blank" rel="noopener">https://myapp.com</A>".</P><P>&nbsp;</P><P>When attempting to authenticate with this JWT, Qlik logs this error:</P><P>Audit.Proxy.Proxy.SessionEstablishment.Authentication.JWT.JwtAuthenticationHandler [...] JWT contains aud claim with invalid value: System.Collections.ArrayList [..]</P><P>&nbsp;</P><P>An array is a valid value for the aud field in a JWT.</P><P>Qlik's documentation even references this <A href="https://help.qlik.com/en-US/sense-admin/November2024/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/JWT-authentication.htm" target="_self">here</A>&nbsp;(note that recipients is plural):</P><UL><LI>Audience (<SPAN class="">aud</SPAN><span class="lia-unicode-emoji" title=":disappointed_face:">😞</span> Identifies the recipients of the token.</LI></UL> Thu, 15 May 2025 14:20:26 GMT milesokeefe 2025-05-15T14:20:26Z JWT with multiple aud values causes authentication error https://community.qlik.com/t5/Integration-Extension-APIs/JWT-with-multiple-aud-values-causes-authentication-error/m-p/2517964#M22198 <P>I have configured a virtual proxy in my&nbsp;<SPAN>Qlik Sense Enterprise for Windows instance with JWT authentication.</SPAN></P><P>&nbsp;</P><P><SPAN>The JWT I am providing in the Authorization header is generated by Auth0, and as such has two values for audience:</SPAN></P><P>&nbsp;</P><LI-CODE lang="javascript">"aud": [ "https://myapp.com", "https://anna-development.auth0.com/userinfo" ],</LI-CODE><P>&nbsp;</P><P>&nbsp;</P><P>I have the expected aud value in the virtual proxy set to "<A href="https://myapp.com" target="_blank" rel="noopener">https://myapp.com</A>".</P><P>&nbsp;</P><P>When attempting to authenticate with this JWT, Qlik logs this error:</P><P>Audit.Proxy.Proxy.SessionEstablishment.Authentication.JWT.JwtAuthenticationHandler [...] JWT contains aud claim with invalid value: System.Collections.ArrayList [..]</P><P>&nbsp;</P><P>An array is a valid value for the aud field in a JWT.</P><P>Qlik's documentation even references this <A href="https://help.qlik.com/en-US/sense-admin/November2024/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Administer_QSEoW/Managing_QSEoW/JWT-authentication.htm" target="_self">here</A>&nbsp;(note that recipients is plural):</P><UL><LI>Audience (<SPAN class="">aud</SPAN><span class="lia-unicode-emoji" title=":disappointed_face:">😞</span> Identifies the recipients of the token.</LI></UL> Thu, 15 May 2025 14:20:26 GMT https://community.qlik.com/t5/Integration-Extension-APIs/JWT-with-multiple-aud-values-causes-authentication-error/m-p/2517964#M22198 milesokeefe 2025-05-15T14:20:26Z