There could be several things going on - First, can you verify that you have updated the signing algorithm in the application settings? You can do so by navigating to the application (client_id) in your Auth0 dashboard → Advanced → OAuth.
What type of app is the application (web, SPA, etc.)?
Thanks for confirming! Strange as I’m unable to reproduce on my end currently I did notice that your client id is that of a SPA application, what happens if you create a Web App in Auth0 and use that instead here?
If you are using an API registered in Auth0 you will need to have the algorithm set to HS256 there as well.
Additionally, you may want to consider using RS256 if possible: