diff --git a/.env b/.env
index cbd4d820..abcf3542 100644
--- a/.env
+++ b/.env
@@ -25,5 +25,6 @@ IAM_COMMUNITY_CLAIM_NAME=
 IAM_COMMUNITY_ROLE_ADMIN=
 IAM_COMMUNITY_ROLE_PUBLISHER=
 IAM_COMMUNITY_ROLE_READER=
+IAM_ISSUER=
 IAM_URL=
 SECRET_KEY_BASE=[secret key string for signed cookies]
diff --git a/app/services/parse_iam_access_token.rb b/app/services/parse_iam_access_token.rb
index ad0b7970..68cea846 100644
--- a/app/services/parse_iam_access_token.rb
+++ b/app/services/parse_iam_access_token.rb
@@ -57,8 +57,8 @@ def decoded_token # rubocop:todo Metrics/AbcSize, Metrics/MethodLength
 {
 algorithm: matching_key['alg'],
 verify_iat: true,
- verify_iss: true,
- iss: iam_realm_url
+ verify_iss: iam_issuer.present?,
+ iss: iam_issuer
 }
 )[0]
 end
@@ -124,6 +124,10 @@ def fetch_env_var(name)
 raise "#{name} env variable is missing"
 end
 
+ def iam_issuer
+ ENV.fetch('IAM_ISSUER', nil)
+ end
+
 def iam_realm_url
 fetch_env_var('IAM_URL')
 end
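Review bot: Issuer verification now fails open in the `decoded_token` options: with `verify_iss: iam_issuer.present?`, an unset or empty `IAM_ISSUER` switches the `iss` check off, where the old code always verified against `iam_realm_url`. The `.env` template in this commit ships `IAM_ISSUER=` empty, and the new `iam_issuer` helper in the last hunk reads it with `ENV.fetch('IAM_ISSUER', nil)` rather than `fetch_env_var`, so a missing value is silent instead of raising at startup or first use. I would keep the check unconditional and fall back to the previous value, `verify_iss: true,` with `iss: iam_issuer.presence || iam_realm_url`, or have `iam_issuer` call `fetch_env_var('IAM_ISSUER')` if the variable is meant to be required. A short comment on `iam_issuer` saying when the issuer differs from `IAM_URL` would also help whoever configures a deployment. `decoded_token` begins before this hunk, so how the signing key is selected is not visible here and the practical exposure depends on that.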