diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDAuthenticator.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDAuthenticator.java
index 5e0f9e0b..2500331d 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDAuthenticator.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDAuthenticator.java
@@ -36,7 +36,10 @@ public class OpenIDAuthenticator {
 public OpenIDAuthenticator(OpenIDConfig openIDConfig) {
 this.openIDConfig = openIDConfig;
 var keyLocator = loadKeyLocator(openIDConfig);
- this.jwtParser = Jwts.parser().keyLocator(keyLocator)
+ this.jwtParser = Jwts.parser()
+ .keyLocator(keyLocator)
+ .requireIssuer(openIDConfig.issuer())
+ .requireAudience(openIDConfig.clientId())
 .build();
 }
diff --git a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDConfig.java b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDConfig.java
index 395f2046..2d4f3bae 100644
--- a/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDConfig.java
+++ b/LaunchServer/src/main/java/pro/gravit/launchserver/auth/core/openid/OpenIDConfig.java
@@ -3,7 +3,8 @@
 import java.net.URI;
 public record OpenIDConfig(URI tokenUri, String authorizationEndpoint, String clientId, String clientSecret,
- String redirectUri, URI jwksUri, String scopes, ClaimExtractorConfig extractorConfig) {
+ String redirectUri, URI jwksUri, String scopes, String issuer,
+ ClaimExtractorConfig extractorConfig) {
 public record ClaimExtractorConfig(String usernameClaim, String uuidClaim) {}
 }
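Review bot: The new `.requireIssuer(openIDConfig.issuer())` and `.requireAudience(openIDConfig.clientId())` calls take their expected values from the config with no null or blank check. `issuer` is a component this same commit adds to `OpenIDConfig` (second hunk), so a configuration written before the change would presumably load with it unset. As far as I know jjwt treats a null expected value as "no requirement" rather than as an error, which would leave the issuer check silently off; please confirm against the jjwt version in use. I would fail closed before building the parser, e.g. `Objects.requireNonNull(openIDConfig.issuer(), "OpenID issuer must be configured");`, with the same guard for `clientId()`, or do this in a compact constructor on the record. It is also worth confirming that the tokens parsed here carry the client id in `aud`, since some providers issue access tokens with a different audience.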
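Review bot: The new `issuer` component of `OpenIDConfig` is undocumented, although the parser built in `OpenIDAuthenticator` compares it with the token's `iss` claim as an exact string. A value that differs only by a trailing slash or by scheme would therefore reject every token. A one-line comment on the record would make that explicit for operators: `// issuer: must equal the provider's "iss" claim exactly (copy it from the provider's discovery document)`. Because the component is inserted before `extractorConfig`, any positional `new OpenIDConfig(...)` call outside this diff also needs updating; none is visible here.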