Hey @fblbg25 – I would recommend using our ready-built Postman collection to test out API calls through Postman. It has the necessary pre-request script to build out the JWT header based on your API info. You can download it and see setup instructions here: Postman Guide.
Given the need to include iat /exp times, a nonce, and bodyHash, it’s difficult to say exactly what the issue is without looking at the script building your JWT object. In any case, the Postman collection in the link above has this already implemented if you’d like to compare against your own implementation. From a quick check, I the algorithm should be RS256, and the payload is missing some additional values like nonce, iat, exp, and bodyhash (explained here).