fix(cfg): fix borked /v1/security/*token API endpoints by disabling verify sub claim in JWT to be string type in PyJWT >= 2.10

fix(cfg): fix borked /v1/security/*token API endpoints by disabling verify sub claim in JWT to be string type in PyJWT >= 2.10 #65527