Thank you for posting this in Microsoft Q&A.
This error message seems like there is an issue with the key extracted from the id_token not matching with any of the keys retrieved.
In order to fix this issue, please follow the below steps:
1.Ensure you've selected the correct signing algorithm (RS256) The header of the JWT contains information about the key and encryption method used to sign the token.
2.Verify that the kid (key ID) received from the JWKS URI matches the kid extracted from the token
3.Check that the iss (issuer) claim in the JWT matches the expected value. If the iss claim does not match, it could indicate that the JWT was issued by a different OpenID Connect provider.
4.Ensure you have entered correct tenant id.
You can also refer to this post where similar issue has been discussed:
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.