Debugging Pebble EC Account Keys?

A very common issue with the JWS EC signatures is the signature format. If you're using a ready-made JWS library it will hopefully already do this correctly, but if you're doing the signing yourself, check that you're using PKCS#11 signatures (raw r+s values concatenated, no encoding) and not the also very common DSS signatures (DER encoded version of r+s).

For instance, in certbot/josepy (which uses Python's cryptography package), you have to call decode_dss_signature on the signature generated by cryptography to get the raw values from the DSS DER (and then properly concatenate them). Other libraries might give you PKCS#11 ECDSA signatures directly - this varies from implementation to implementation.

7 Likes
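
The conversion described in the post above, as an added example that is not part of the original post or of josepy: a standard-library-only converter from a DER-encoded ECDSA signature to the fixed-width raw r+s form. It assumes a P-256 key (ES256), so each value is padded to 32 bytes; the function names and the sample bytes are constructed for illustration.

```python
import base64

def _read_len(buf, i):
    """Parse a DER length starting at buf[i]; return (length, next index)."""
    if buf[i] < 0x80:                      # short form
        return buf[i], i + 1
    n = buf[i] & 0x7F                      # long form: n length bytes follow
    if n == 0 or n > 2:
        raise ValueError("unsupported DER length")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def _read_int(buf, i):
    """Parse a non-negative DER INTEGER at buf[i]; return (value, next index)."""
    if buf[i] != 0x02:
        raise ValueError("expected DER INTEGER")
    length, i = _read_len(buf, i + 1)
    if length == 0 or i + length > len(buf) or buf[i] & 0x80:
        raise ValueError("bad DER INTEGER")
    return int.from_bytes(buf[i:i + length], "big"), i + length

def der_to_raw(der, size=32):
    """Convert DER SEQUENCE{r, s} to fixed-width r||s (size bytes each)."""
    try:
        if der[0] != 0x30:
            raise ValueError("expected DER SEQUENCE")
        length, i = _read_len(der, 1)
        if i + length != len(der):
            raise ValueError("SEQUENCE length mismatch")
        r, i = _read_int(der, i)
        s, i = _read_int(der, i)
    except IndexError:
        raise ValueError("truncated DER signature") from None
    if i != len(der):
        raise ValueError("trailing bytes after s")
    # DER drops leading zeros and adds 0x00 when the top bit is set;
    # JWS wants both values left-padded to exactly `size` bytes.
    return r.to_bytes(size, "big") + s.to_bytes(size, "big")

def jws_signature(der, size=32):
    """base64url (unpadded) of the raw signature, as used in the JWS."""
    return base64.urlsafe_b64encode(der_to_raw(der, size)).rstrip(b"=").decode()

# Constructed sample, not a real signature: r has its top bit set (33 bytes
# in DER), s is one byte short (31 bytes in DER).
SAMPLE_DER = bytes.fromhex("3044022100" + "80" + "11" * 31 + "021f" + "22" * 31)

if __name__ == "__main__":
    print(len(SAMPLE_DER), "DER bytes ->", len(der_to_raw(SAMPLE_DER)), "raw bytes")
    print(jws_signature(SAMPLE_DER))
```

A quick check while debugging: an ES256 signature that is not exactly 64 bytes before base64url encoding, or that starts with 0x30, is most likely still DER.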