diff --git a/src/jobs.rs b/src/jobs.rs
index fe27678..c9806ac 100644
--- a/src/jobs.rs
+++ b/src/jobs.rs
@@ -3,8 +3,8 @@ use crate::errors::CrabError;
 use crate::storage;
 use chrono::Utc;
 use sea_orm::{
-    ActiveModelTrait, ColumnTrait, DatabaseConnection, EntityTrait, IntoActiveModel, QueryFilter,
-    Set,
+    ActiveModelTrait, ColumnTrait, DatabaseConnection, EntityTrait, IntoActiveModel, NotSet,
+    QueryFilter, Set,
 };
 use tokio_cron_scheduler::{Job, JobScheduler};
 use tracing::{error, info};
@@ -144,7 +144,7 @@ pub async fn start_job_execution(
     let now = Utc::now().timestamp();
 
     let execution = job_execution::ActiveModel {
-        id: Set(0), // Will be auto-generated
+        id: NotSet, // Auto-generated by database
         job_name: Set(job_name.to_string()),
         started_at: Set(now),
         completed_at: Set(None),
diff --git a/src/jwks.rs b/src/jwks.rs
index c844751..590d7d4 100644
--- a/src/jwks.rs
+++ b/src/jwks.rs
@@ -46,7 +46,17 @@ impl JwksManager {
 
         // Ensure JWKS file exists or update from private_jwk
         if !cfg.jwks_path.exists() {
-            let public = private_jwk.to_public_key()?;
+            let mut public = private_jwk.to_public_key()?;
+            // Copy metadata from private key to public key
+            if let Some(kid) = private_jwk.key_id() {
+                public.set_key_id(kid);
+            }
+            if let Some(alg) = private_jwk.algorithm() {
+                public.set_algorithm(alg);
+            }
+            if let Some(use_) = private_jwk.key_use() {
+                public.set_key_use(use_);
+            }
             let jwk_val: Value = serde_json::to_value(public)?;
             let jwks = json!({ "keys": [jwk_val] });
             fs::write(&cfg.jwks_path, serde_json::to_string_pretty(&jwks)?)?;
diff --git a/src/settings.rs b/src/settings.rs
index 2c8d4ce..3f465ae 100644
--- a/src/settings.rs
+++ b/src/settings.rs
@@ -7,6 +7,7 @@ pub struct Settings {
     pub server: Server,
     pub database: Database,
     pub keys: Keys,
+    #[serde(default)]
     pub federation: Federation,
 }
 
diff --git a/src/storage.rs b/src/storage.rs
index 4025804..3509534 100644
--- a/src/storage.rs
+++ b/src/storage.rs
@@ -1342,7 +1342,7 @@ mod tests {
         let test_db = TestDb::new().await;
         let db = test_db.connection();
 
-        let token = issue_access_token(&db, "test_subject", "test_client_id", "openid profile",
+        let token = issue_access_token(&db, "test_client_id", "test_subject", "openid profile",
             3600, // TTL
         )
             .await
@@ -1356,7 +1356,7 @@ mod tests {
         let test_db = TestDb::new().await;
         let db = test_db.connection();
 
-        let token = issue_access_token(&db, "test_subject", "test_client_id", "openid profile",
+        let token = issue_access_token(&db, "test_client_id", "test_subject", "openid profile",
             3600, // TTL
         )
             .await
@@ -1377,7 +1377,7 @@ mod tests {
         let test_db = TestDb::new().await;
         let db = test_db.connection();
 
-        let token = issue_access_token(&db, "test_subject", "test_client_id", "openid profile",
+        let token = issue_access_token(&db, "test_client_id", "test_subject", "openid profile",
             3600, // TTL
         )
             .await
@@ -1409,7 +1409,7 @@ mod tests {
         let test_db = TestDb::new().await;
         let db = test_db.connection();
 
-        let token = issue_access_token(&db, "test_subject", "test_client_id", "openid profile",
+        let token = issue_access_token(&db, "test_client_id", "test_subject", "openid profile",
             3600, // TTL
         )
             .await