diff --git a/.changeset/purple-colts-guess.md b/.changeset/purple-colts-guess.md
new file mode 100644
index 00000000..cb8442ee
--- /dev/null
+++ b/.changeset/purple-colts-guess.md
@@ -0,0 +1,5 @@
+---
+"@saleor/app-sdk": patch
+---
+
+WIP
diff --git a/src/verify-jwt.ts b/src/verify-jwt.ts
index e9f5a4d2..43e8012e 100644
--- a/src/verify-jwt.ts
+++ b/src/verify-jwt.ts
@@ -61,7 +61,11 @@ export const verifyJWT = async ({
 const JWKS = jose.createRemoteJWKSet(new URL(getJwksUrlFromSaleorApiUrl(saleorApiUrl)));
 debug("Trying to compare JWKS with token");
- await jose.jwtVerify(token, JWKS);
+ await jose.jwtVerify(token, JWKS, {
+ crit: {
+ b64: true,
+ },
+ });
 } catch (e) {
 debug("Failure: %s", e);
 debug("Will return with Bad Request");
diff --git a/src/verify-signature.ts b/src/verify-signature.ts
index 78f7f411..f12df3fc 100644
--- a/src/verify-signature.ts
+++ b/src/verify-signature.ts
@@ -23,6 +23,9 @@ export const verifySignatureFromApiUrl = async (
 protected: header,
 payload: rawBody,
 signature: jwsSignature,
+ header: {
+ b64: true,
+ },
 };
 const remoteJwks = jose.createRemoteJWKSet(
@@ -52,6 +55,9 @@ export const verifySignatureWithJwks = async (jwks: string, signature: string, r
 protected: header,
 payload: rawBody,
 signature: jwsSignature,
+ header: {
+ b64: true,
+ },
 };
 let localJwks: jose.FlattenedVerifyGetKey;
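Review bot: The `crit: { b64: true }` option passed to `jose.jwtVerify` only declares the `b64` critical header parameter as understood; it does not require the parameter to be present, and as far as I know jose still refuses a JWT whose protected header sets `b64: false`, so it is unclear which tokens this is meant to start accepting. A one-line comment above the call would record the intent, e.g. `// mark "b64" as an understood critical parameter; confirm against a real Saleor token header`, and a test with such a token would show the option is needed at all. Since an options object is now passed, this is also the natural place to constrain what the check accepts, for example with `algorithms` and `issuer`, rather than relying on the JWKS URL alone. The `try` block opens above the hunk and the `catch` body continues below it.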
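Review bot: In a flattened JWS the `header` member is the unprotected header, so the `b64: true` added in `verifySignatureFromApiUrl` is a value the verifier supplies itself and is not covered by the signature; RFC 7797 requires `b64` to be integrity protected and listed in `crit`. If the protected header of the Saleor signature already carries `b64` (passing `rawBody` as the payload suggests a detached, unencoded payload, though the header contents are not visible here), jose will likely reject the input because protected and unprotected header names must be disjoint. If the goal is only to mark `b64` as understood, it belongs in the options of the verify call (presumably `jose.flattenedVerify`, outside the hunk) as `crit: { b64: true }`, covered by a test that uses a signature produced over a detached payload. The same three lines are added in `verifySignatureWithJwks` (hunk `-52,6 +55,9`), and both function bodies extend beyond their hunks.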