
Critical ops hack no verify


The fields in a JWT can be decoded with online JWT parsing tools, e.g., jwt.io. If the JWT is placed in the Authorization header of HTTP requests, make sure the JWT is valid (not expired, etc.).


If jwksUri isn’t set, make sure the JWT issuer is in URL format and that url + /.well-known/openid-configuration can be opened in a browser; for example, if the JWT issuer is, make sure is a valid URL and can be opened in a browser.

Follow these steps to troubleshoot the policy specification. With Istio, you can enable authentication for end users through request authentication policies.

- Ensure proxies enforce policies correctly.
- Ensure Istiod distributes policies to proxies correctly.
- Pay attention to the action specified in the policy.
- Make sure the policy is applied to the correct target.
- Make sure you are NOT using HTTP-only fields on TCP ports.
- Make sure there are no typos in the policy YAML file.
- Authorization is too restrictive or permissive.
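The two JWT checks described above (expiry, and an issuer that can serve OpenID discovery when jwksUri is unset) can be run offline before sending a request. This is an added example, not code from the original page or from Istio; the function names and the issuer `https://issuer.example.com` are hypothetical, the sample token is constructed, and the signature is deliberately not verified.

```python
import base64
import json
import time
from urllib.parse import urlparse

def decode_segment(segment):
    # JWT segments are unpadded base64url; restore padding before decoding.
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def preflight(token, jwks_uri=None, now=None):
    """Return (claims, problems, discovery_url). The signature is NOT verified."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return None, ["not three dot-separated segments"], None
    try:
        claims = decode_segment(parts[1])
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return None, ["payload is not base64url-encoded JSON"], None
    if not isinstance(claims, dict):
        return None, ["payload is not a JSON object"], None
    problems, discovery = [], None
    exp = claims.get("exp")
    if isinstance(exp, (int, float)) and exp <= now:
        problems.append("token expired")
    if not jwks_uri:
        issuer = str(claims.get("iss", ""))
        try:
            parsed = urlparse(issuer)
            is_url = parsed.scheme in ("http", "https") and bool(parsed.netloc)
        except ValueError:  # e.g. a malformed IPv6 literal in the issuer
            is_url = False
        if is_url:
            # rstrip avoids a double slash when the issuer ends with "/".
            discovery = issuer.rstrip("/") + "/.well-known/openid-configuration"
        else:
            problems.append("issuer is not a URL and jwksUri is not set")
    return claims, problems, discovery

def sample_token(claims):
    # Constructed, unsigned sample token for the demo; the signature is a dummy.
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])

if __name__ == "__main__":
    tok = sample_token({"iss": "https://issuer.example.com", "exp": 1700000000})
    print(preflight(tok, now=1800000000))
```

The returned discovery URL is the one to open in a browser or fetch from inside the mesh; an empty problems list only means these two checks passed, not that the token is authentic.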
