From 122643f14315c7b4ef62296669ac9bc4d8b07089 Mon Sep 17 00:00:00 2001
From: Paul Graham <paul.graham@coprime.co.uk>
Date: Fri, 14 Aug 2020 11:49:21 +0100
Subject: [PATCH] allow multiple audiences

---
 src/SFA.DAS.EmployerAccounts.Api/Startup.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/SFA.DAS.EmployerAccounts.Api/Startup.cs b/src/SFA.DAS.EmployerAccounts.Api/Startup.cs
index 602d9ed2bf..960a613b91 100644
--- a/src/SFA.DAS.EmployerAccounts.Api/Startup.cs
+++ b/src/SFA.DAS.EmployerAccounts.Api/Startup.cs
@@ -11,13 +11,13 @@ public class Startup
     {
         public void Configuration(IAppBuilder app)
         {
-            app.UseWindowsAzureActiveDirectoryBearerAuthentication(new WindowsAzureActiveDirectoryBearerAuthenticationOptions
+            _ = app.UseWindowsAzureActiveDirectoryBearerAuthentication(new WindowsAzureActiveDirectoryBearerAuthenticationOptions
             {
                 Tenant = ConfigurationManager.AppSettings["idaTenant"],
                 TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
                 {
                     RoleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role",
-                    ValidAudience = ConfigurationManager.AppSettings["idaAudience"]
+                    ValidAudiences = ConfigurationManager.AppSettings["idaAudience"].ToString().Split(',')
                 }
             });
         }