I've encountered with the same issue and found the fix.

According to this comment on github the Iat claim requires to be set using epoch time. In your code we can see it is set using standard string format, which worked fine in previous versions.

Change this line:

new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString())

To this:

new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.UtcNow).ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64)

But as @Shaik Abid Hussain said, adding options.UseSecurityTokenValidators = true to your .AddAuthentication() should work, because it reverts to the legacy token validation behavior from .net 6 and 7, but it didn't worked for me.