diff --git a/kong/plugins/jwt/access.lua b/kong/plugins/jwt/access.lua
index 23500b706f5e..a7dc064112cc 100644
--- a/kong/plugins/jwt/access.lua
+++ b/kong/plugins/jwt/access.lua
@@ -65,10 +65,10 @@ function _M.execute(conf)
 local claims = jwt.claims
- local jwt_secret_key = claims.iss
+ local jwt_secret_key = claims[conf.secret_key_field]
 if not jwt_secret_key then
 ngx.ctx.stop_phases = true
- return responses.send_HTTP_UNAUTHORIZED("No mandatory 'iss' in claims")
+ return responses.send_HTTP_UNAUTHORIZED("No mandatory '"..conf.secret_key_field.."' in claims")
 end
 -- Retrieve the secret
@@ -83,7 +83,7 @@ function _M.execute(conf)
 if not jwt_secret then
 ngx.ctx.stop_phases = true
- return responses.send_HTTP_FORBIDDEN("No credentials found for given 'iss'")
+ return responses.send_HTTP_FORBIDDEN("No credentials found for given '"..conf.secret_key_field.."'")
 end
 -- Now verify the JWT signature
@@ -111,7 +111,7 @@ function _M.execute(conf)
 -- However this should not happen
 if not consumer then
 ngx.ctx.stop_phases = true
- return responses.send_HTTP_FORBIDDEN(string_format("Could not find consumer for '%s=%s'", "iss", jwt_secret_key))
+ return responses.send_HTTP_FORBIDDEN(string_format("Could not find consumer for '%s=%s'", conf.secret_key_field, jwt_secret_key))
 end
 ngx.req.set_header(constants.HEADERS.CONSUMER_ID, consumer.id)
diff --git a/kong/plugins/jwt/schema.lua b/kong/plugins/jwt/schema.lua
index ce45fd2c2265..37892478207c 100644
--- a/kong/plugins/jwt/schema.lua
+++ b/kong/plugins/jwt/schema.lua
@@ -2,6 +2,7 @@ return {
 no_consumer = true,
 fields = {
 uri_param_names = {type = "array", default = {"jwt"}},
+ secret_key_field = {type = "string", default = "iss"},
 claims_to_verify = {type = "array", enum = {"exp", "nbf"}}
 }
 }
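Review bot: `claims[conf.secret_key_field]` in the first access.lua hunk is read from the token payload before the signature is checked (the `-- Now verify the JWT signature` step comes later in the function), and the only guard is `if not jwt_secret_key`, so a number, a boolean `true` or a nested object in that claim passes through. Now that any claim can be selected rather than only `iss`, I would reject non-strings up front with `if type(jwt_secret_key) ~= "string" then` and keep the existing 401 response; that test also covers the nil case. The same value is then handed to the credential lookup, which is outside the hunk, and to `string_format("... '%s=%s'", ...)` in the third hunk, so how a table-valued claim behaves there cannot be confirmed from this diff. `_M.execute` starts and ends outside these hunks.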
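Review bot: `secret_key_field` is added to schema.lua with a default, but nothing in this commit shows that default being applied to JWT plugin configurations that were stored before the upgrade. If such a configuration reaches `_M.execute` with the field unset, `claims[nil]` yields nil and the error path `"No mandatory '"..conf.secret_key_field.."' in claims"` concatenates nil, so the intended 401 becomes a runtime error; whether defaults are filled in on load is not visible here, so either confirm that or add a migration. The schema also accepts an empty string, which would make every request fail the claim check, so a non-empty validation at configuration time would be worth adding. A one-line comment on the field would help as well, for example `-- name of the JWT claim whose value identifies the credential (not the secret itself)`.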