diff --git a/src/events/http/createJWTAuthScheme.js b/src/events/http/createJWTAuthScheme.js
index 3fc7afe42..c885640b8 100644
--- a/src/events/http/createJWTAuthScheme.js
+++ b/src/events/http/createJWTAuthScheme.js
@@ -54,11 +54,15 @@ export default function createAuthScheme(jwtOptions) {
 }
 if (
- !jwtOptions.audience.includes(aud) &&
+ jwtOptions.audience.filter((x) =>
+ Array.isArray(aud) ? aud.includes(x) : aud === x,
+ ).length === 0 &&
 !jwtOptions.audience.includes(clientId)
 ) {
- serverlessLog(`JWT Token not from correct audience`)
- return Boom.unauthorized('JWT Token not from correct audience')
+ serverlessLog(`JWT Token does not contain correct audience`)
+ return Boom.unauthorized(
+ 'JWT Token does not contain correct audience',
+ )
 }
 let scopes = null
diff --git a/tests/integration/jwt-authorizer/jwt-authorizer.test.js b/tests/integration/jwt-authorizer/jwt-authorizer.test.js
index 0e9fbb30f..ca3b8a6d4 100644
--- a/tests/integration/jwt-authorizer/jwt-authorizer.test.js
+++ b/tests/integration/jwt-authorizer/jwt-authorizer.test.js
@@ -58,6 +58,11 @@ const correctAudience = {
 }
 delete correctAudience.client_id
+const multipleCorrectAudience = {
+ ...correctAudience,
+ aud: [baseJWT.client_id, 'https://api.example.com/'],
+}
+
 const noScopes = {
 ...baseJWT,
 }
@@ -104,6 +109,21 @@ describe('jwt authorizer tests', () => {
 status: 200,
 },
+ {
+ description:
+ 'Valid JWT with multiple audience values (one matching single configured audience)',
+ expected: {
+ status: 'authorized',
+ requestContext: {
+ claims: multipleCorrectAudience,
+ scopes: ['profile', 'email'],
+ },
+ },
+ jwt: multipleCorrectAudience,
+ path: '/dev/user1',
+ status: 200,
+ },
+
 {
 description: 'Valid JWT with scopes',
 expected: {
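Review bot: The new audience condition builds a throwaway array with `filter(...).length === 0` where `some` states the intent directly and stops at the first hit; `!jwtOptions.audience.some((x) => (Array.isArray(aud) ? aud.includes(x) : aud === x)) &&` reads as "no configured audience is present in the token". The array branch deserves a one-line comment, since nothing near it explains why `aud` can have two shapes: `// RFC 7519 §4.1.3: aud is a single string or an array of strings`. A token with no `aud` claim still falls through to the `clientId` comparison exactly as it did before this change, so that behaviour is not new here. The enclosing function starts before the hunk and continues past `let scopes = null`.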
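Review bot: The new case only covers a multi-valued `aud` in which one entry matches, so the array branch added in createJWTAuthScheme.js is never exercised on the rejection path; a sibling case whose `aud` is an array of two values that are neither configured nor the `client_id` (e.g. two constructed `https://...example.com/` URLs), expecting `statusCode: 401` and `message: 'JWT Token does not contain correct audience'`, would pin that a non-matching array is still refused. The fixture could be built the same way as `multipleCorrectAudience` in the earlier hunk, spreading `correctAudience` and overriding `aud`. The `describe` block these cases live in starts before the hunk and continues after `expected: {`.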
@@ -144,7 +164,7 @@ describe('jwt authorizer tests', () => {
 expected: {
 statusCode: 401,
 error: 'Unauthorized',
- message: 'JWT Token not from correct audience',
+ message: 'JWT Token does not contain correct audience',
 },
 jwt: wrongClientId,
 path: '/dev/user1',
@@ -155,7 +175,7 @@ describe('jwt authorizer tests', () => {
 expected: {
 statusCode: 401,
 error: 'Unauthorized',
- message: 'JWT Token not from correct audience',
+ message: 'JWT Token does not contain correct audience',
 },
 jwt: wrongAudience,
 path: '/dev/user1',