Keycloak Token Verification Issue


I have integrated the Microsoft IdP into Keycloak and I am trying to use the feature in my Spring application.

**Step 1: I get the AuthCode from**

https://auth.test.ai/realms/test-microsoft/protocol/openid-connect/auth?client_id=test-client&redirect_uri=http://localhost:8081/authorize/callback&state=1234&response_mode=query&response_type=code 

**Step 2: I use this AuthCode that I collect in the redirect URI to get an access token from**

http://localhost:8080/realms/zupaloop-realm/protocol/openid-connect/token

```text
grant_type:authorization_code
client_id:test-client
redirect_uri:http://localhost:8081/authorize/callback
code:55a4ddf0-f57d-4619-b475-2066de2a145c.caf633c1-97fe-4bb1-9c1e-34f857dd7716.5460f6c8-f1cf-474b-9b7a-f1c70cdbe807
```

Then, when I try to validate the token through the validate endpoint using the security config below, it says `www-authenticate: Bearer error="invalid_token",error_description="An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected,or no matching key(s) found",error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"`

```kotlin
// Security Config
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.http.HttpMethod
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.http.SessionCreationPolicy
import org.springframework.security.web.SecurityFilterChain
import org.springframework.web.cors.CorsConfiguration
import org.springframework.web.cors.CorsConfigurationSource
import org.springframework.web.cors.UrlBasedCorsConfigurationSource
import org.springframework.web.filter.CorsFilter

@Configuration
@EnableWebSecurity
class SecurityConfiguration(
    // JwtAuthConverter is the application's own Jwt -> Authentication converter; it is not shown in the question.
    private val jwtAuthConverter: JwtAuthConverter
) {

    @Bean
    fun corsConfigurationSource(): CorsConfigurationSource {
        val config = CorsConfiguration()
        // Wildcard origin and headers: any browser origin may call the API (allowCredentials is left unset).
        config.allowedOrigins = listOf("*")
        config.allowedMethods = listOf("GET", "POST", "PUT", "DELETE", "OPTIONS")
        config.allowedHeaders = listOf("*")
        config.addAllowedHeader("Content-Type")
        val source = UrlBasedCorsConfigurationSource()
        source.registerCorsConfiguration("/**", config)
        return source
    }

    @Bean
    fun corsFilter(corsConfigurationSource: CorsConfigurationSource): CorsFilter {
        return CorsFilter(corsConfigurationSource)
    }

    @Bean
    fun filterChain(http: HttpSecurity): SecurityFilterChain {
        http
            .cors { it.configurationSource(corsConfigurationSource()) }
            // Stateless bearer-token API: no session cookie, so CSRF protection is switched off.
            .csrf { it.disable() }
            .authorizeHttpRequests { authz ->
                authz
                    // Endpoints reachable without a token. The last pattern originally lacked its leading
                    // slash ("authorize/login/microsoft"); AntPathMatcher never matches such a pattern
                    // against a request path, so that route was not actually permitted.
                    .requestMatchers(HttpMethod.POST, "/authorize/login", "/authorize/signup", "/authorize/refreshtoken", "/authorize/callback", "/authorize/login/microsoft").permitAll()
                    // The validate endpoint is the one that forces JWT authentication and raises invalid_token.
                    .requestMatchers(HttpMethod.POST, "/authorize/validator").authenticated()
                    .anyRequest().permitAll()
            }
            // Resource-server mode: the bearer JWT is verified against the issuer / JWKS configured
            // in the application properties, then mapped to an Authentication by jwtAuthConverter.
            .oauth2ResourceServer { it.jwt { jwt -> jwt.jwtAuthenticationConverter(jwtAuthConverter) } }
            .sessionManagement { it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
            .httpBasic { it.disable() }
        return http.build()
    }

}
```
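Added diagnostic example (not from the question, Keycloak or Spring): it decodes the token's header and claims without verifying the signature and compares `iss`, `alg` and `kid` with the issuer and JWKS the resource server trusts, which is exactly what the two halves of "Another algorithm expected, or no matching key(s) found" refer to; note that step 1 above uses the `test-microsoft` realm while step 2 calls the `zupaloop-realm` token endpoint. Spring's resource server fetches its JWKS from the configured issuer (Keycloak publishes it at `/realms/<realm>/protocol/openid-connect/certs`); the `kid` values, `sub` and JWKS document below are constructed for the demo.

```python
import base64
import json

def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore the padding before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def _b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def parse_jwt(token):
    """Return (header, claims) of a compact JWS. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    return json.loads(_b64url_decode(parts[0])), json.loads(_b64url_decode(parts[1]))

def diagnose(token, expected_issuer, jwks, expected_alg="RS256"):
    """List why a resource server trusting `expected_issuer` (keys in `jwks`) would reject `token`."""
    header, claims = parse_jwt(token)
    problems = []
    if claims.get("iss") != expected_issuer:
        problems.append(f"issuer mismatch: token iss={claims.get('iss')!r}, expected {expected_issuer!r}")
    if header.get("alg") != expected_alg:
        problems.append(f"algorithm mismatch: token alg={header.get('alg')!r}, expected {expected_alg!r}")
    kids = [k.get("kid") for k in jwks.get("keys", [])]
    if header.get("kid") not in kids:
        problems.append(f"no matching key: token kid={header.get('kid')!r} not among JWKS kids {kids}")
    return problems

def make_unsigned_sample(header, claims):
    # Constructed sample only: the third segment is a placeholder, not a real signature.
    segments = [_b64url_encode(json.dumps(part).encode()) for part in (header, claims)]
    return ".".join(segments + [_b64url_encode(b"placeholder-signature")])

# Constructed inputs mirroring the question: the token was minted by the test-microsoft realm,
# while the resource server (and the JWKS it fetched from its issuer) belong to zupaloop-realm.
SAMPLE_TOKEN = make_unsigned_sample(
    {"alg": "RS256", "typ": "JWT", "kid": "microsoft-realm-key-1"},
    {"iss": "https://auth.test.ai/realms/test-microsoft", "sub": "user-1", "azp": "test-client"},
)
SAMPLE_JWKS = {"keys": [{"kty": "RSA", "use": "sig", "alg": "RS256", "kid": "zupaloop-realm-key-1"}]}
EXPECTED_ISSUER = "http://localhost:8080/realms/zupaloop-realm"

if __name__ == "__main__":
    for problem in diagnose(SAMPLE_TOKEN, EXPECTED_ISSUER, SAMPLE_JWKS):
        print("-", problem)
```

Run it against a real token by pasting the access token into `SAMPLE_TOKEN`, setting `EXPECTED_ISSUER` to the `issuer-uri` in the resource server's properties, and loading `SAMPLE_JWKS` from that issuer's certs endpoint.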