Consumer association with a JWT not working as expected

Any valid JWT token created works for ALL/ANY consumers, not getting filtered by the respective consumer for which the JWT was created. is this by design or a bug?

I’m using ACL to restrict consumers to specific groups and JWT created for a specific consumer, but kong allowed me to use a valid JWT created with the secret and key generated for a different consumer.

Do you have more details on how you configured your setup? (That is, what were the requests to create the various entities and how you configured them – feel free to redact any sensitive info)