diff --git a/src/Esquio.UI.Client/Program.cs b/src/Esquio.UI.Client/Program.cs
index 02702037..8390e646 100644
--- a/src/Esquio.UI.Client/Program.cs
+++ b/src/Esquio.UI.Client/Program.cs
@@ -30,6 +30,7 @@ public static async Task Main(string[] args)
 
             var isAzureAd = builder.Configuration.GetValue<bool>("Security:IsAzureAd");
             var authority = builder.Configuration.GetValue<string>("Security:Authority");
+            var audience = builder.Configuration.GetValue<string>("Security:Audience");
             var clientId = builder.Configuration.GetValue<string>("Security:ClientId");
             var scope = builder.Configuration.GetValue<string>("Security:Scope");
             var responseType = builder.Configuration.GetValue<string>("Security:ResponseType");
@@ -53,10 +54,11 @@ public static async Task Main(string[] args)
                     options.ProviderOptions.ClientId = clientId;
                     options.ProviderOptions.ResponseType = responseType;
                     options.ProviderOptions.DefaultScopes.Add(scope);
+                    options.ProviderOptions.AdditionalProviderParameters.Add(nameof(audience), audience);
                 });
             }
 
-           
+
             builder.Services.AddAuthorizationCore(options =>
             {
                 options.AddPolicy(Policies.Reader, builder => builder.AddRequirements(new PolicyRequirement(Policies.Reader)));
@@ -72,7 +74,7 @@ public static async Task Main(string[] args)
             builder.Services.AddScoped<IAuthorizationHandler, PolicyRequirementHandler>();
 
 
-            var host =  builder.Build();
+            var host = builder.Build();
 
             var jsRuntime = builder.Services.BuildServiceProvider().GetRequiredService<IJSRuntime>();
             await jsRuntime.InvokeVoidAsync("addAuthenticationScript", new object[] { isAzureAd });