Followed the Okta instructions for getting the JSON Web Key(s) for my client. However, token validation fails with a signature validation exception.
Per the JWK Spec one of the keys have a “use” of verify. The ones Okta returns are all sig. I also tried getting the validation key from the authentication server via your dashboard. The key is that same as the one from the JWK endpoint.
What’s the correct way to get the validation key to validate the JWT returned from the token endpoint?