API [JWT] - {"error":"invalid_grant","error_description":"Please check the 'sub' claim."...}

A developer receives the error:

{"error":"invalid_grant","error_description":"Please check the 'sub' claim. The 'sub' specified is invalid."} 

when using JWT Authentication.

Environment

A custom application using JWT authentication

Troubleshooting Steps

The "sub" claim in the JWT should always be a Box ID — depending on the value of "box_sub_type" it would be either the ID of the user you're trying to generate tokens for or the ID of the enterprise you're authenticating as the service account for. You want to verify this value is correct and that you're passing it as a string.