I’m glad to see you are using the default authorization server.
Check a couple things for me:
- Are you setting the issuer in your widget / auth js?
- If you are, is the issuer the same as your default authorization server?
- Double check that the [my okta url] is correct
If you want to do some troubleshooting, you can drop the access token JWT into jsonwebtoken.io and get the kid field from the jwt header. After you get the kid, you can check your authorization server’s keys by going to https://[my okta org].com/oauth2/default/v1/keys
This will give you the list of public keys by ID.
Hope this information helps you troubleshoot. Let me know if you still have problems!