Would it be reasonable to support decoding using a lookup_key(&str) -> Option<&DecodingKey> function? This would allow the decoding to not have to create a validation per known key with varying issuer validation.

Or perhaps this is way off target with how JWTs are meant to be used? But it feels weird to have to "guess" at which decoding key to use if it is based on the iss field.

I took a peek at the code and it would require a bit of surgery and "stuttering" of decoding to extract out just the iss field before moving onto validation.