If I get an access_token from OKTA and paste it into the JWT website it says the signature is validated. If I create a JWT token myself and signed with JWSAlgorithm.HS256 and paste it into the JWT website it says the signature is NOT validated.
How does JWT make the claim the signature is valid for the OKTA JWT token?
