diff --git a/package-lock.json b/package-lock.json
index e2c33c06..a7f1310e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "@adobe/helix-html-pipeline",
-  "version": "5.14.5",
+  "version": "5.14.6",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@adobe/helix-html-pipeline",
-      "version": "5.14.5",
+      "version": "5.14.6",
       "license": "Apache-2.0",
       "dependencies": {
         "@adobe/helix-markdown-support": "7.1.12",
@@ -20,7 +20,7 @@
         "hast-util-to-html": "9.0.5",
         "hast-util-to-string": "3.0.1",
         "hastscript": "9.0.1",
-        "jose": "5.10.0",
+        "jose": "6.0.6",
         "lodash.escape": "4.0.1",
         "mdast-util-to-hast": "13.2.0",
         "mdast-util-to-string": "4.0.0",
@@ -5579,9 +5579,9 @@
       }
     },
     "node_modules/jose": {
-      "version": "5.10.0",
-      "resolved": "https://registry.npmjs.org/jose/-/jose-5.10.0.tgz",
-      "integrity": "sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg==",
+      "version": "6.0.6",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.6.tgz",
+      "integrity": "sha512-FFF9x3KcdRJgQo74X8e6I4D1h3Wtd27fEo0suijveKFc+HFz6M5gonqxFPnDos9ulJFRqMNqWI6NexiHQPSnfQ==",
       "license": "MIT",
       "funding": {
         "url": "https://github.com/sponsors/panva"
diff --git a/package.json b/package.json
index 8adc785e..491f0521 100644
--- a/package.json
+++ b/package.json
@@ -54,7 +54,7 @@
     "hast-util-to-html": "9.0.5",
     "hast-util-to-string": "3.0.1",
     "hastscript": "9.0.1",
-    "jose": "5.10.0",
+    "jose": "6.0.6",
     "lodash.escape": "4.0.1",
     "mdast-util-to-hast": "13.2.0",
     "mdast-util-to-string": "4.0.0",
diff --git a/test/html-pipe.test.js b/test/html-pipe.test.js
index df321243..4e256054 100644
--- a/test/html-pipe.test.js
+++ b/test/html-pipe.test.js
@@ -88,7 +88,9 @@ describe('HTML Pipe Test', () => {
   });
 
   it('handles /.auth route', async () => {
-    const keyPair = await generateKeyPair('RS256');
+    const keyPair = await generateKeyPair('RS256', {
+      extractable: true,
+    });
     const { privateKey, publicKey } = keyPair;
     const env = {
       HLX_ADMIN_IDP_PUBLIC_KEY: JSON.stringify({
diff --git a/test/utils/auth.test.js b/test/utils/auth.test.js
index cb610cc2..891f9503 100644
--- a/test/utils/auth.test.js
+++ b/test/utils/auth.test.js
@@ -46,7 +46,9 @@ describe('Auth Test', () => {
   let env;
 
   before(async () => {
-    const keyPair = await generateKeyPair('RS256');
+    const keyPair = await generateKeyPair('RS256', {
+      extractable: true,
+    });
     privateKey = keyPair.privateKey;
     env = {
       HLX_ADMIN_IDP_PUBLIC_KEY: JSON.stringify({
@@ -300,7 +302,9 @@ describe('Init Auth Route tests', () => {
   let env;
 
   before(async () => {
-    const keyPair = await generateKeyPair('RS256');
+    const keyPair = await generateKeyPair('RS256', {
+      extractable: true,
+    });
     privateKey = keyPair.privateKey;
     env = {
       HLX_ADMIN_IDP_PUBLIC_KEY: JSON.stringify({
@@ -377,7 +381,9 @@ describe('AuthInfo tests', () => {
   let env;
 
   before(async () => {
-    const keyPair = await generateKeyPair('RS256');
+    const keyPair = await generateKeyPair('RS256', {
+      extractable: true,
+    });
     privateKey = keyPair.privateKey;
     env = {
       HLX_ADMIN_IDP_PUBLIC_KEY: JSON.stringify({