id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
1702	[NGINX Plus Openid connect]:audience check failed for array type field	chunilalkukreja@…		"With nginx plus openid connect feature, if the id_token has ""aud"" field of type array (json array object). It fails to validate the token & returns failure.
Error Log: 2019/01/04 19:55:11 [error] 3435#3435: *2 js: OIDC ID Token validation error: missing claim(s) aud

As a workaround, if i disable the audience check from openid_connect.js script everything works fine.

Eg:
""aud"": [
    ""https://identity.cloud.com/"",
    ""e46481793d7744178d5df02d2e7f9a3e""
  ],

Other Details:
I have tested this on google cloud by creating nginx plus VM instance from marketplace which installs latest nginx mainline version.
And also have tested this on my local setup using one month nginx plus free trial."	defect	closed	critical	nginx-1.15	nginx-package	1.15.x	invalid	openid	chuni.kukreja@…	Linux ubuntu 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux	"NGINX Plus Release 17 (R17)
"