When I test the signature at jwt.io it says invalid signature.
If I change any detail in the decoded part and then change it back - it presents a new and valid signature.
If I take that new signature and try and use it instead of the one I auto generate - it still fails.
What am I missing? I’ve read through a bunch of the other “invalid access token” threads (thats how I learned about jwt-io) but I dont see anything specific to this case.