I have found an answer for one of the two problems I have, and is that I haven't readed completely the JOSE-JWT repo, it says:
var payload = new Dictionary<string, object>(){ { "sub", "mr.x@contoso.com" }, { "exp", 1300819380 }};var publicKey=... //Load it from there you needstring token = Jose.JWT.Encode(payload, publicKey, JweAlgorithm.RSA_OAEP, JweEncryption.A256GCM);I have realized tha Bouncy Castle is only a API to manipulate public-private keys, the encryptation-decrypting work is done by JOSE-JWT. So, my question is solved.
