It means you must authorise each issuer and client Id with Tyk first, and bind those to a policy.
You don’t need to modify the token.
The above example was done using Tyk Cloud, the JWT token was added as a header:
Authorization: Bearer {token}
You need to use the JWT ID Token to access your APIs. It’s likely there’s a problem with the issuer / client is in your config (e.g. Missing https://).