Sin the applications token config have you set the token type to jwt? else you will get a token which you need to verify using token introspection in your backend
S(ok may have misread your message 
so the authentication works using a frontend (with pkce/implicit flow) but you are unsure how to create a jwt using an api (service user)?
so the authentication works using a frontend (with pkce/implicit flow) but you are unsure how to create a jwt using an api (service user)?Sok so frontend (user) to api works (with jwt) but then the backend (api) can't create a jwt to forward to the broker?
Sa jwt token should be generated by the user and forwared to the API using the authorization header
Authorization: Bearer <jwt access token> your springboot app should then use the given token and verify its validity etcShow is your user trying to send a request to the api?
Sok you need to use postman to generate the jwt token for you using the oauth2 authentication:
https://learning.postman.com/docs/sending-requests/authorization/oauth-20/
does this work for you?
https://learning.postman.com/docs/sending-requests/authorization/oauth-20/
does this work for you?
Swith that in place you can then send the token in your authorization header. from which your spring boot app can consume it and validate the user
Szitadel also has some examples using spring boot security for reference if you encounter issues verifying the token etc 
https://zitadel.com/docs/sdk-examples/java
https://zitadel.com/docs/sdk-examples/java
Sin postman? does the token you receive start with
ey ?Syou can check if its a valid jwt token by copying the whole thing and pasting it into https://jwt.io
Si think your grant type is off (spelling error)
Sand double check if you have changed the token type in your application
Syou are calling the keys endpoint. this endpoint is not for authorization.
Spostman can help with the heavy lifting for oauth2 auth