diff --git a/requirements/main.txt b/requirements/main.txt
index 59513665703c..7051fe68617f 100644
--- a/requirements/main.txt
+++ b/requirements/main.txt
@@ -1717,9 +1717,9 @@ pygments==2.18.0 \
     # via
     #   readme-renderer
     #   rich
-pyjwt[crypto]==2.8.0 \
-    --hash=sha256:57e28d156e3d5c10088e0c68abb90bfac3df82b40a71bd0daa20c65ccd5c23de \
-    --hash=sha256:59127c392cc44c2da5bb3192169a91f429924e17aff6534d70fdc02ab3e04320
+pyjwt[crypto]==2.9.0 \
+    --hash=sha256:3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850 \
+    --hash=sha256:7e1e5b56cc735432a7369cbfa0efe50fa113ebecdc04ae6922deba8b84582d0c
     # via
     #   -r requirements/main.in
     #   pyjwt
diff --git a/tests/unit/oidc/test_services.py b/tests/unit/oidc/test_services.py
index 37ec3bc0deea..b9646897bdb7 100644
--- a/tests/unit/oidc/test_services.py
+++ b/tests/unit/oidc/test_services.py
@@ -972,15 +972,14 @@ def test_decodes_token_jwk_roundtrip(self):
 
         assert decoded == {"foo": "bar"}
 
-    def test_decodes_token_typeerror_on_pyjwk(self):
+    def test_decodes_token_pyjwk(self):
         privkey_jwk = PyJWK.from_json(algorithms.RSAAlgorithm.to_jwk(self._privkey))
         pubkey_jwk = PyJWK.from_json(algorithms.RSAAlgorithm.to_jwk(self._pubkey))
 
         token = jwt.encode({"foo": "bar"}, privkey_jwk.key, algorithm="RS256")
+        decoded = jwt.decode(token, pubkey_jwk, algorithms=["RS256"])
 
-        # Passing a `PyJWK` directly into `jwt.decode` does not work.
-        with pytest.raises(TypeError, match=r"Expecting a PEM-formatted key\."):
-            jwt.decode(token, pubkey_jwk, algorithms=["RS256"])
+        assert decoded == {"foo": "bar"}
 
     def test_decode_strict_aud(self):
         token = jwt.encode(