Hello @dimm0 and welcome to the OpenZiti community!
What you're describing sounds a lot like what unfolded in this thread. If I'm right, the issue is being tracked with Secondary Auth via ext-jwt-signer fails · Issue #919 · openziti/ziti-sdk-c · GitHub .
Do you see anything like this in your controller log?
"error":"primary external jwt processing failed on authentication policy [ukNZvLkSy4J2B2BUmaXVt]: primary external jwt authentication on auth policy is disabled"
Thanks!