Cloudflare Access makes extensive use of JWTs in the
CF_Authorization cookie and elsewhere as well.
OpenID Providers supporting Discovery MUST make a JSON document available at the path formed by concatenating the string /.well-known/openid-configuration to the Issuer.
Final: OpenID Connect Discovery 1.0 incorporating errata set 2
However, when concactenating the above well-known uri to the
iss value, it returns a 404, kindly fix this so that it’ll be easier to manually verify signatures and help this conform the JWTs to well-known standards.