Hi Ruslan,
regarding audience temporal I set it in my wso2 configuration so it should not be an issue.
Considering the mTLS configuration, please let me know if you find the reason.
I followed the suggestion provided me in post JWT token and mTLS switching - #3 by marimp8888 (I successfully used it for tctl and it should work also for web ui).
Great Thanks
Marco