Note that this will enable you to set a global public key to verify the access token from the user. However, the access token's (not the same as an ID token) payload is not that of a standard JWT, so it also depends on what you want to do with the access token once it's signature is verified