Using Application Server REST API with Keycloak

Hey folks.
With ChirpStack and Keycloak instances running, the integration of ChirpStack’s UI is done (i.e. login to ChirpStack Web UI via Keycloak is ready).
Now I’m trying hard to get the Application Server’s REST API running with Keyklock.
Using a Web generated JWT (copy/paste from API-Key-Generation) is not a soulution, since it must run w/o any user interaction.
Using a Keycloak generated JWT (bearer token) with the API is redeemed by "error": "authentication failed: jwt parse error: invalid algorithm". Also I don’t see any way in ChirpStack to configure Keycloak’s public key for validating the JWT’s signature.

Any help would be appreciated.

-Will