Could you check the following two points?
1. key use field
To encrypt ID token by your client public key, you need to tell keycloak that the key is used for KEK (Key Encryption Key).
I have found that your key’s use field is
Could you change it as follows?
2. use JWKS URI client setting
To make keycloak get your public key, you need to ask keycloak to do so.
Login to keycloak as admin.
Move to the following page.
Clients -> [your app] -> Keys
Set the following switch to ON.
Use JWKS URL
Enter the URL through which you provide your keys to the following setting box.
You received this message because you are subscribed to the Google Groups "Keycloak Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-dev/CAOZXnhStgxrK31_7zagYO31Mu1wAc2B5QuQHq81%3DkJVCNpEKUA%40mail.gmail.com.