my authentication process is working correctly when using the endpoin /auth, that means, after enter user and password, I’m receiving the code and id_token on the callback url.
But, if I enable the options to encrypt the id_token (ID Token Signature Algorithm=PS256, ID Token Encryption Key Management Algorithm=RSA-OAEP and ID Token Encryption Content Encryption Algorithm=A256GCM) I receive the error Unexpected error when handling authentication request to identity provider.
In the logs I can see the message: “can not get encryption KEK”.
My client is using as key a jwks url (https://keystore.sandbox.directory.openbankingbrasil.org.br/8292c33e-d95a-5fe7-8f27-dd7a95c68b55/9b944914-5ca5-431a-b30f-8e2f5d9c46aa/application.jwks)
What I’m missing? Do I need to add something more on my request to make it work? Or on my JWKS file?