JWT Signing keys are not found when application has custom signing keys in Azure AD

[tuomovee]

JWT signature validation fails to discover signing keys when the application has custom signing keys - for example due to usage of the claims-mapping feature.

This can be resolved by appending query parameter "appid" with value matching client/application id to the discovery URL.