The audience argument for @endpoints.api should be optional

[bigunyak]

The documentation states the following:

If the "aud" (audience) claim in a JWT token matches the Cloud Endpoints service name, then Endpoints Frameworks validates the audience and ignores the values set in the audiences argument in the @endpoints.api decorator. For example, if your service name is "myservice.appspot.com", then a JWT with "aud" set to "myservice.appspot.com" or "https://myservice.appspot.com" is a valid audience.

That doesn't seem to work.
Following an example described on this page, I generate a Google ID token and set TARGET_AUD with https://[SERVICE_NAME], where [SERVICE_NAME] is the value of the host entry in the API configuration file. Then I expect the audience argument to be ignored as it's stated in the docs but it's actually still required.
The interesting thing is that it's optional and works as expected when authentication arguments are configured in @endpoints.method. That could be related to another bug (#64) that exposes differences between @endpoints.api and @endpoints.method.