Worked on security hardening for the Temporal Server by developing a configurable JWT audience validation feature. This addition, implemented in Go, was integrated directly into the server’s authorization flow within the temporalio/temporal repository, enabling deployments to enforce audience checks as part of token verification. The approach aligned with OAuth2 and OIDC standards, supporting stricter access control without introducing operational complexity. The work involved backend development, API security, and configuration management, focusing on reliability and maintainability. By wiring audience validation into the core authorization logic, the update improved the security posture of Temporal Server across diverse deployment environments.