By default, the JWT decode only allows HS256 mode (HMAC using SHA-256
hash algorithm). The specs using RSA tokens failed per
https://github.com/jwt/ruby-jwt#algorithms-and-usage:

It is strongly recommended that you hard code the algorithm, as you may
leave yourself vulnerable by dynamically picking the algorithm.