Istio complains that it cannot find the key to validate the JWT signature with from a JWKS list from Ping Federate. The entries in this list do not have an alg field.
The OIDC spec specifies that the alg field in the JWKS list is optional and that the value in the JWT header should be used to select the signature algorithm.
Is there a way to configure the RequestAuthentication and/or the AuthorizationPolicy to get this working with this JWKS list?
Cheers