diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java
index c8e2378..0c5dd72 100644
--- a/integration/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java
+++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/authentication/JWTClientCredentialsProvider.java
@@ -107,6 +107,7 @@ public class JWTClientCredentialsProvider implements ClientCredentialsProvider {
JsonWebToken reqToken = new JsonWebToken();
reqToken.id(AdapterUtils.generateId());
reqToken.issuer(clientId);
+ reqToken.subject(clientId);
reqToken.audience(realmInfoUrl);
int now = Time.currentTime();
diff --git a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
index 96f81cb..4416f4d 100644
--- a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
@@ -77,7 +77,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
JsonWebToken token = jws.readJsonContent(JsonWebToken.class);
RealmModel realm = context.getRealm();
- String clientId = token.getIssuer();
+ String clientId = token.getSubject();
if (clientId == null) {
throw new RuntimeException("Can't identify client. Issuer missing on JWT token");
}
