I am trying to get id_token and access_token by using the implicit grant type: Implicit Flow with Form Post
https://<my_tenant>.auth0.com/authorize?audience=<my_audience>&response_type=id_token token&client_id=<my_client_id>&redirect_uri=http://localhost:3000/auth0-user&nonce=abc&state=123&scope=openid profile email
I have set the application to use HS256 by making it “OIDC incompliant”.
The audience parameter and its corresponding API setting has also been set to use the HS256 signing algo.
But when I receive the response, the access_token is in HS256 as expected but id_token is always RS256 signed.
How can I get id token in HS256?