issue in parsing token

[it-s-Ari]

Current Behavior

when using OIDC, the app cannot parse tokens if the tenant is set to multi-tenant properly. some info from the token will be lost.

Steps to Reproduce

1. Deploy Dependency-Track with OIDC authentication enabled.
2. Configure the application to use an external identity provider (e.g., Microsoft Entra ID) with the tenant set to multi-tenant.
3. Configure the OIDC settings (issuer, client ID, client secret, redirect URI) according to the provider documentation.
4. Assign users from a different tenant to the application.
5. Attempt to log in using a user account from the external tenant.
6. After successful authentication at the identity provider, observe the token returned to Dependency-Track.
7. The application fails to parse the token correctly, resulting in missing claims (groups).
8. Login either fails completely or succeeds with incomplete user information and incorrect authorization behavior.

Expected Behavior

whether multi or single tenant set, the token returned should properly be parsed and show all information without losing it.

Dependency-Track Version

4.7.x

Dependency-Track Distribution

Container Image

Database Server

PostgreSQL

Database Server Version

No response

Browser

Google Chrome

Checklist

• I have read and understand the contributing guidelines
• I have checked the existing issues for whether this defect was already reported

[soumen1102]

We are also using dependency track and I also started seeing this behavior since 1st April , nothing was changed , no change done on Entra ID side , no change done to dependency track configuration . This is what the log prints in DEBUG

ERROR [OidcIdTokenAuthenticator] ID token validation failed

Any ways to get some more information on what exactly is missing , I remember in older version of Dependency track it was even printing the token in the logs in DEBUG mode but not apparently it does not prints the token. As a fall back we are moving back our users to username / password.