diff --git a/action.yml b/action.yml
index 3af26db..6152310 100644
--- a/action.yml
+++ b/action.yml
@@ -72,6 +72,7 @@ inputs:
   jwtGithubAudience:
     description: 'Identifies the recipient ("aud" claim) that the JWT is intended for'
     required: false
+    default: 'sigstore'
   jwtTtl:
     description: 'Time in seconds, after which token expires'
     required: false
diff --git a/dist/index.js b/dist/index.js
index 8ac7918..e8d24fc 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -1253,7 +1253,7 @@ async function retrieveToken(method, client) {
             const githubAudience = core.getInput('jwtGithubAudience', { required: false });
 
             if (!privateKey) {
-                jwt = await core.getIDToken(githubAudience || 'sigstore')
+                jwt = await core.getIDToken(githubAudience)
             } else {
                 jwt = generateJwt(privateKey, keyPassword, Number(tokenTtl));
             }
diff --git a/src/auth.js b/src/auth.js
index 6395d45..ba89eeb 100644
--- a/src/auth.js
+++ b/src/auth.js
@@ -33,7 +33,7 @@ async function retrieveToken(method, client) {
             const githubAudience = core.getInput('jwtGithubAudience', { required: false });
 
             if (!privateKey) {
-                jwt = await core.getIDToken(githubAudience || 'sigstore')
+                jwt = await core.getIDToken(githubAudience)
             } else {
                 jwt = generateJwt(privateKey, keyPassword, Number(tokenTtl));
             }