diff --git a/APPL/Shared/loginTry.asp b/APPL/Shared/loginTry.asp
index 6fd63efdff..b257c6e4db 100644
--- a/APPL/Shared/loginTry.asp
+++ b/APPL/Shared/loginTry.asp
@@ -112,7 +112,8 @@ if (user_key < 0 && jwt)
 
     var sql = "SELECT *"
             + "  FROM fac_idp"
-            + " WHERE fac_idp_issuer = " + safe.quoted_sql(claim.payload.iss)
+            + " WHERE fac_idp_type = 4" // JWT
+            + "   AND fac_idp_issuer = " + safe.quoted_sql(claim.payload.iss)
             + "   AND fac_idp_audience = " + safe.quoted_sql(claim.payload.aud);
     var oRs = Oracle.Execute(sql);
     if (oRs.Eof)