Support RS256/JWKS for signing/verifying OAuth JWTs #15912
Description
Background information on RS256 here: https://auth0.com/blog/navigating-rs256-and-jwks/
Utilizing RS256 (as an option) to sign JWTs means that a shared secret won't need to be shared with applications to verify the validity of the token (likely currently applications assume tokens are valid without checking the signature).
Two applications that I tested using our OIDC well-known endpoint, which are Sourcegraph and Smallstep CA, fail due to them needing to verify tokens they receive.
I'm willing to pay out a bounty of $100 USD on this (minus whatever bogus fees PayPal requires), and pay that directly to the contributor who completes this ticket. This is instead of using Bountysource, as they take slightly more off the top than PayPal directly (I'm going this way to incentivise completion even slightly more).
cc: @jonasfranz
Edit: For this ticket please also create a jwks_uri and add it to the well-known OIDC endpoint.
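
The flow this issue asks for, as an added Node.js example that is not part of the original issue or of the project's code: the issuer signs with a private RSA key and publishes only the public half as a JWKS, and the client verifies the token with that key set alone. The throwaway key pair, the `demo-1` kid and all function names are constructed for illustration.

```javascript
const { generateKeyPairSync, createPublicKey, sign, verify } = require("node:crypto");

const b64u = (v) => Buffer.from(v).toString("base64url");

// Issuer side: throwaway key pair constructed for the demo. Only the public
// half (kty, n, e) goes into the key set that a jwks_uri would serve.
function newIssuer(kid) {
  const { publicKey, privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
  const jwk = { ...publicKey.export({ format: "jwk" }), kid, alg: "RS256", use: "sig" };
  return { kid, privateKey, jwks: { keys: [jwk] } };
}

// For an RSA key, sign("sha256", ...) produces RSASSA-PKCS1-v1_5, which is RS256.
function issueToken(issuer, claims) {
  const header = { alg: "RS256", typ: "JWT", kid: issuer.kid };
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  return `${input}.${sign("sha256", Buffer.from(input), issuer.privateKey).toString("base64url")}`;
}

// Client side: holds no secret, only the fetched JWKS. Returns the claims or throws.
function verifyToken(token, jwks) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  // Pin the algorithm instead of trusting the token's own header.
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  const jwk = jwks.keys.find((k) => k.kty === "RSA" && k.kid === header.kid);
  if (!jwk) throw new Error("no key for kid");
  const key = createPublicKey({ key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: "jwk" });
  if (!verify("sha256", Buffer.from(`${h}.${p}`), key, Buffer.from(s, "base64url"))) {
    throw new Error("bad signature");
  }
  return JSON.parse(Buffer.from(p, "base64url").toString());
}

// Demo run: the client checks the token using nothing but the public key set.
const demo = newIssuer("demo-1");
console.log(verifyToken(issueToken(demo, { sub: "alice" }), demo.jwks));
```

A real client would also check `iss`, `aud` and `exp` after the signature passes.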