@Sanka, Sri Naga Sai Pravallika (Cognizant) Thanks for your patience! Required-signed-tokens = false simply removes the requirement for the incoming token to have a signature. However, if the incoming token has a signature, it will be validated, and an error is thrown if the signature is invalid. In the scenario above, it seems like the token does have a signature, so the error is expected.
do let me know incase of further queries, I would be happy to assist you.