Required to check for issuing domain? #69
Description
Looking for a JWT solution that can generate and use a consistent token across multiple domains including production, staging and local. One of the benefits of JSON Web Tokens is their ability to work across different server domains.
The original JWT Authentication for WP REST API plugin by Enrique Chavez requires that the iss domain match the sending domain of the POST request, or else an error is thrown like The iss do not match with this server"
Can this re-boot of the plugin not check for issuing domain? Not all JWTs require the sending domain match a domain in a parameter in the token. To get to the full benefit of JWTs, it'd be cool to get rid of the requirement for the issuing domain to match the domain of the POST request.
Thanks for any feedback.