diff --git a/CHANGELOG.md b/CHANGELOG.md
index da90c7b..28a0e4b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,10 @@ and this project adheres to
 
 ## [Unreleased]
 
+### Changed
+
+- 🐛(joserfc) refactor JWT handling with joserfc library updates #35
+
 ## [0.0.17] - 2025-10-27
 
 ### Added
diff --git a/pyproject.toml b/pyproject.toml
index a7c70cd..ef53d77 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -30,7 +30,7 @@ dependencies = [
     "django>=5.0",
     "djangorestframework>=3.15.2",
     "mozilla-django-oidc>=4.0.1",
-    "joserfc>=1.0.4",
+    "joserfc>=1.4.0",
     "requests>=2.32.3",
     "requests-toolbelt>=1.0.0",
 ]
diff --git a/src/lasuite/oidc_resource_server/utils.py b/src/lasuite/oidc_resource_server/utils.py
index 94570fb..3e3b7b5 100644
--- a/src/lasuite/oidc_resource_server/utils.py
+++ b/src/lasuite/oidc_resource_server/utils.py
@@ -2,7 +2,7 @@
 
 from django.conf import settings
 from django.core.exceptions import ImproperlyConfigured
-from joserfc.jwk import JWKRegistry
+from joserfc import jwk
 
 
 def import_private_key_from_settings():
@@ -32,11 +32,9 @@ def import_private_key_from_settings():
     if not private_key_str:
         raise ImproperlyConfigured("OIDC_RS_PRIVATE_KEY_STR setting is missing or empty.")
 
-    private_key_pem = private_key_str.encode()
-
     try:
-        private_key = JWKRegistry.import_key(
-            private_key_pem,
+        private_key = jwk.import_key(
+            private_key_str,
             key_type=settings.OIDC_RS_ENCRYPTION_KEY_TYPE,
             parameters={"alg": settings.OIDC_RS_ENCRYPTION_ALGO, "use": "enc"},
         )