The JWT could be parsed, but the claims in the payload section are invalid.
- One of the required claims is missing.
- For JWTs used as part of Public Key Client Validation, we require two custom claims:
- “hrh” - HTTP headers that were included when calculating the request hash
- “rqh” - The hash of the HTTP request
- Make sure you are using the latest Twilio Helper Library
- For the details on JWTs used as part of Public Key Client Validation, see the documentation
- To check whether the JWT is structurally correct, you can use the tools available at jwt.io.