Web Policy Agents 5.9.1

Agent Profile ID Allow List

The claims to validate in the ID token containing the end user’s session:

  • 0: Validate the aud and nonce claim.

  • 1: Validate the nonce claim; don’t validate the aud claim.

A comma-separated list of profile IDs that the agent considers as valid values for the aud claim. This claim is represented in the ID token containing the end user’s session.

When several agents are configured with different agent profiles to protect the same application, set this property to a list of the agent profiles that are protecting the same application.

With the following setting, the agent considers agentprofile1 and agentprofile2 to be valid, and does not validate them: com.forgerock.agents.jwt.aud.whitelist=agentprofile1,agentprofile2

Default: Empty

Property name


Property aliases

com.forgerock.agents.jwt.aud.whitelist (since 5.7)



Bootstrap property


Required property


Restart required


AM console tab


Copyright © 2010-2022 ForgeRock, all rights reserved.