diff --git a/lib/openid_connect/response_object/id_token.rb b/lib/openid_connect/response_object/id_token.rb
index e06e677..58ffebf 100644
--- a/lib/openid_connect/response_object/id_token.rb
+++ b/lib/openid_connect/response_object/id_token.rb
@@ -21,9 +21,9 @@ def initialize(attributes = {})
 self.auth_time = auth_time.to_i unless auth_time.nil?
 end
 
- def verify!(expected = {})
+ def verify!(expected = {}, skip_issuer = false)
 raise ExpiredToken.new('Invalid ID token: Expired token') unless exp.to_i > Time.now.to_i
- raise InvalidIssuer.new('Invalid ID token: Issuer does not match') unless iss == expected[:issuer]
+ raise InvalidIssuer.new('Invalid ID token: Issuer does not match') unless (iss == expected[:issuer] || skip_issuer == true)
 raise InvalidNonce.new('Invalid ID Token: Nonce does not match') unless nonce == expected[:nonce]
 
 # aud(ience) can be a string or an array of strings
diff --git a/spec/openid_connect/response_object/id_token_spec.rb b/spec/openid_connect/response_object/id_token_spec.rb
index 388b303..799b76f 100644
--- a/spec/openid_connect/response_object/id_token_spec.rb
+++ b/spec/openid_connect/response_object/id_token_spec.rb
@@ -79,6 +79,18 @@
 end
 end
 
+ context 'when issuer is invalid and skip_issuer is set' do
+ it do
+ expect do
+ id_token.verify!({
+ issuer: 'invalid_issuer',
+ client_id: attributes[:aud]},
+ false
+ )
+ end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+ end
+ end
+
 context 'when issuer is missing' do
 it do
 expect do
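Review bot: `skip_issuer` is a positional boolean that turns off the issuer check, so a call like `verify!(expected, true)` gives no hint at the call site that issuer validation is disabled; a keyword argument reads better and cannot be mistaken for a second hash: `def verify!(expected = {}, skip_issuer: false)` and `raise InvalidIssuer.new('Invalid ID token: Issuer does not match') unless skip_issuer || iss == expected[:issuer]`. The `skip_issuer == true` comparison and the parentheses around the `unless` condition are unidiomatic, and the explicit `== true` means any truthy value other than `true` keeps the check on, which the parameter name does not suggest. Since skipping this step lets an otherwise well-formed token from any issuer pass the issuer comparison, the option deserves a YARD note on the method such as `# @param skip_issuer [Boolean] when true the iss claim is not compared with expected[:issuer]; the caller must bind the token to the expected provider by other means (e.g. the key used to verify its signature)`. The body of `verify!` continues outside the hunk.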
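Review bot: The new example passes `false` as `skip_issuer` although its description says the flag is set, so it only re-asserts the pre-existing issuer failure and never exercises the added branch; it presumably passes because `InvalidIssuer` is a subclass of `InvalidToken`, which the hunk does not show. A test of the new path should call `id_token.verify!({issuer: 'invalid_issuer', client_id: attributes[:aud], nonce: attributes[:nonce]}, true)` and assert `not_to raise_error` (the `nonce:` value is inferred from `expected[:nonce]` in the library hunk and from the sibling contexts, which lie outside this hunk), while the existing `false` case can stay under a name like `'when issuer is invalid and skip_issuer is not set'`. The argument list also glues the closing brace to `client_id: attributes[:aud]},`, which is hard to read; closing the hash on its own line before `false` would help. The enclosing `describe`/`context` block starts outside the hunk.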