https://github.com/ena-infrastructure/specifications/blob/39a659490c1d1bbaeb6e32f93fab0ef82b4fee61/ena-oauth2-profile.md#82-cryptographic-algorithms requires both RS256 and ES256 to be supported (with their respective families as RECOMMENDED).
That would make sense during a migration scenario, but given that this is effectively greenfield I think it'd make sense to pick one winner (for now) and go with it. Supporting both wouldn't help much with interop anyway, since you're saddling everyone with that support burden.
HS256 support is also inherited from RFC7518, but can at least be justified by having a different use case (symmetric vs asymmetric crypto). Then again, symmetric signatures aren't really useful in a federation context without separate key negotiation anyway.
https://github.com/ena-infrastructure/specifications/blob/39a659490c1d1bbaeb6e32f93fab0ef82b4fee61/ena-oauth2-profile.md#82-cryptographic-algorithms requires both RS256 and ES256 to be supported (with their respective families as RECOMMENDED).
That would make sense during a migration scenario, but given that this is effectively greenfield I think it'd make sense to pick one winner (for now) and go with it. Supporting both wouldn't help much with interop anyway, since you're saddling everyone with that support burden.
HS256 support is also inherited from RFC7518, but can at least be justified by having a different use case (symmetric vs asymmetric crypto). Then again, symmetric signatures aren't really useful in a federation context without separate key negotiation anyway.