diff --git a/spid_cie_oidc/__init__.py b/spid_cie_oidc/__init__.py
index 4910b9ec..ed9d4d87 100644
--- a/spid_cie_oidc/__init__.py
+++ b/spid_cie_oidc/__init__.py
@@ -1 +1 @@
-__version__ = "0.7.3"
+__version__ = "0.7.4"
diff --git a/spid_cie_oidc/onboarding/schemas/authn_requests.py b/spid_cie_oidc/onboarding/schemas/authn_requests.py
index d4682947..e5512b31 100644
--- a/spid_cie_oidc/onboarding/schemas/authn_requests.py
+++ b/spid_cie_oidc/onboarding/schemas/authn_requests.py
@@ -140,7 +140,11 @@ class AuthenticationRequest(BaseModel):
 state: constr(min_length=32)
 # TODO: to be improved
 ui_locales: Optional[List[str]]
- sub: HttpUrl
+
+ # sub claim MUST not be used to prevent that this jwt
+ # could be reused as a private_key_jwt
+ # sub: HttpUrl
+
 iss: HttpUrl
 iat: int
 exp: Optional[int]
diff --git a/spid_cie_oidc/relying_party/views/rp_begin.py b/spid_cie_oidc/relying_party/views/rp_begin.py
index 1affa21c..22075fe0 100644
--- a/spid_cie_oidc/relying_party/views/rp_begin.py
+++ b/spid_cie_oidc/relying_party/views/rp_begin.py
@@ -177,7 +177,10 @@ def get(self, request, *args, **kwargs):
 # add the signed request object
 authz_data_obj = deepcopy(authz_data)
 authz_data_obj["iss"] = client_conf["client_id"]
- authz_data_obj["sub"] = client_conf["client_id"]
+
+ # sub claim MUST not be used to prevent that this jwt
+ # could be reused as a private_key_jwt
+ # authz_data_obj["sub"] = client_conf["client_id"]
 request_obj = create_jws(authz_data_obj, entity_conf.jwks_core[0])
 authz_data["request"] = request_obj
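Review bot: Commenting out `sub: HttpUrl` in AuthenticationRequest only stops the schema from requiring the claim; it does not make the schema reject a request object that still carries one, because with pydantic's default model config unknown keys are silently ignored (the model's Config is not visible in this hunk, so this is inferred). If the rule is that sub MUST NOT be present, enforce it with a validator so a JWT with iss == sub == client_id fails validation instead of passing; `root_validator` comes from pydantic and would need to be in scope in this file. The AuthenticationRequest class starts and ends outside the hunk.
```python
    # … unchanged: state / ui_locales / iss / iat / exp fields …

    @root_validator(pre=True)
    def sub_must_be_absent(cls, values):
        # A request object carrying sub is shaped like a private_key_jwt
        # client assertion; reject it rather than silently dropping the key.
        if "sub" in values:
            raise ValueError("sub claim MUST NOT be present in a request object")
        return values
```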
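Review bot: The commented-out assignment `# authz_data_obj["sub"] = client_conf["client_id"]` in rp_begin.py should be deleted rather than kept, since the two comment lines above it already carry the rationale and dead code invites someone to re-enable it; the same applies to `# sub: HttpUrl` in authn_requests.py. The rationale itself would be clearer if it named the rule it is defending against, e.g. `# Do not set "sub": a request object with iss == sub == client_id has the shape of a private_key_jwt client assertion and could be replayed at the token endpoint.` Omitting sub is one half of that defense; the other is an `aud` that identifies the OP rather than its token endpoint, and since authz_data is built outside the hunk I cannot tell whether it sets aud. The body of get starts and ends outside the hunk.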