@agbichpuriya

The private RSA key should not be present in your JWT. The public key should not be present either, but a kid should be present in the header identifying the public/private keypair that was used to sign the JWT.

Please share a sample JWT with this issue.