EDIT: The issue magically resolved itself, so I suspect AzureAD either acting up or being reconfigured during the day. I decoded my IdToken again now that it works and concluded
