jwt-proxy is a small OAuth2 proxy service that wraps OAuth access tokens from 3rd party OAuth providers like Google, Facebook or Github into signed JWT tokens
The cert url in the token eases the rollout process for new certs. It should contain some kind of versioning so in case of a "lost" JWT token not all tokens have to be revoked but only the affected one need to be re-created with a new cert