diff --git a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/JWTClient.java b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/JWTClient.java index aea6607a9e..0ade855c71 100644 --- a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/JWTClient.java +++ b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/JWTClient.java @@ -46,8 +46,6 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; -; - /** * this class represents an implementation of Token Client which is based on JWT */ @@ -70,7 +68,7 @@ public class JWTClient { throws JWTClientException { List params = new ArrayList<>(); params.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, jwtConfig.getJwtGrantType())); - String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, false); + String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient); if (assertion == null) { throw new JWTClientException("JWT is not configured properly for user : " + username); } @@ -85,7 +83,7 @@ public class JWTClient { throws JWTClientException { List params = new ArrayList<>(); params.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, jwtConfig.getJwtGrantType())); - String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, false); + String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient); if (assertion == null) { throw new JWTClientException("JWT is not configured properly for user : " + username); } 
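Review bot: Dropping the trailing `false` here, and in the hunks at -85 and -105, is not a pure signature update: under the removed util the configured `keyStorePath` was honoured whenever `isMultiTenantMode` was false, whereas the new util only consults `keyStorePath` when `isDefaultJWTClient` is false (see the -253 hunk in JWTClientUtil), so a client that is both marked default and configured with a key store path now signs with the super-tenant default key instead of the file key. If that is the intended semantics it is worth stating at the call site, e.g. `// default clients always sign with the super-tenant key; keyStorePath applies to non-default clients only`, and in the class Javadoc. Each enclosing method's signature lies outside its hunk, so I cannot tell which client modes these three methods serve.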
@@ -105,7 +103,7 @@ public class JWTClient { throws JWTClientException { List params = new ArrayList<>(); params.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, jwtConfig.getJwtGrantType())); - String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, false); + String assertion = JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient); if (assertion == null) { throw new JWTClientException("JWT is not configured properly for user : " + username); } @@ -189,16 +187,21 @@ public class JWTClient { } public String getJwtToken(String username) throws JWTClientException { - return JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, false); + return JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient); } public String getJwtToken(String username, Map claims) throws JWTClientException { - return JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, claims, false); + return JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, claims); } - public String getJwtToken(String username, Map claims, boolean isTenantMode) throws JWTClientException { - return JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, claims, isTenantMode); - } + public String getJwtToken(String username, Map claims, boolean enableTenantSigning) + throws JWTClientException { + if (enableTenantSigning) { + return JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, false, claims); + } else { + return getJwtToken(username, claims); + } + } } 
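Review bot: The new three-argument `getJwtToken` has no Javadoc, and its boolean is easy to misread: when `enableTenantSigning` is true it passes `false` as `isDefaultJWTClient`, which in the new util selects the configured file key store when `keyStorePath` is set and the tenant key store only otherwise, so the flag overrides this client's default-client setting rather than strictly forcing tenant signing. A `@param enableTenantSigning` line saying that it forces non-default-client signing regardless of this client's configuration would prevent misuse, and since the old overload had the same shape with `isTenantMode`, existing callers now compile silently against different behaviour, which deserves a mention in that Javadoc too. Stylistically the branch could be a single expression, `return enableTenantSigning ? JWTClientUtil.generateSignedJWTAssertion(username, jwtConfig, false, claims) : getJwtToken(username, claims);`.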
diff --git a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java
index 75ea7bfe31..d4c21f6e5a 100644
--- a/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java
+++ b/components/identity-extensions/org.wso2.carbon.identity.jwt.client.extension/src/main/java/org/wso2/carbon/identity/jwt/client/extension/util/JWTClientUtil.java
@@ -207,13 +207,13 @@ public class JWTClientUtil {
         tenantRegistryLoader.loadTenantRegistry(tenantId);
     }
 
-    public static String generateSignedJWTAssertion(String username, JWTConfig jwtConfig, boolean isDefaultJWTClient,
-                                                    boolean isMultiTenantMode) throws JWTClientException {
-        return generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, null, isMultiTenantMode);
+    public static String generateSignedJWTAssertion(String username, JWTConfig jwtConfig, boolean isDefaultJWTClient)
+            throws JWTClientException {
+        return generateSignedJWTAssertion(username, jwtConfig, isDefaultJWTClient, null);
     }
 
     public static String generateSignedJWTAssertion(String username, JWTConfig jwtConfig, boolean isDefaultJWTClient,
-                                                    Map customClaims, boolean isMultiTenantMode) throws JWTClientException {
+                                                    Map customClaims) throws JWTClientException {
         try {
             long currentTimeMillis = System.currentTimeMillis();
             // add the skew between servers
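Review bot: Both public static `generateSignedJWTAssertion` overloads lose their `isMultiTenantMode` parameter, so any caller outside this bundle that used the old four- or five-argument form breaks at compile or link time; keeping the old signatures as `@Deprecated` delegates that ignore the flag, for one release, would avoid the hard break. The surviving `isDefaultJWTClient` flag now decides both whether the configured file key store is used and whether the tenant key store is used (see the -253 hunk), so each overload needs a Javadoc `@param isDefaultJWTClient` sentence stating exactly that. The body of the second overload continues past the end of the hunk.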
@@ -253,22 +253,30 @@ public class JWTClientUtil {
             String privateKeyPassword = jwtConfig.getPrivateKeyPassword();
             KeyStore keyStore;
             RSAPrivateKey rsaPrivateKey;
-            if (!isMultiTenantMode && (keyStorePath != null && !keyStorePath.isEmpty())) {
+            if (!isDefaultJWTClient && (keyStorePath != null && !keyStorePath.isEmpty())) {
                 String keyStorePassword = jwtConfig.getKeyStorePassword();
                 keyStore = loadKeyStore(new File(keyStorePath), keyStorePassword, "JKS");
                 rsaPrivateKey = (RSAPrivateKey) keyStore.getKey(privateKeyAlias, privateKeyPassword.toCharArray());
             } else {
                 int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
                 JWTClientUtil.loadTenantRegistry(tenantId);
-                if (isMultiTenantMode || !(MultitenantConstants.SUPER_TENANT_ID == tenantId) && !isDefaultJWTClient) {
+                if (!(MultitenantConstants.SUPER_TENANT_ID == tenantId) && !isDefaultJWTClient) {
                     KeyStoreManager tenantKeyStoreManager = KeyStoreManager.getInstance(tenantId);
                     String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain(true);
                     String ksName = tenantDomain.trim().replace('.', '-');
                     String jksName = ksName + ".jks";
                     rsaPrivateKey = (RSAPrivateKey) tenantKeyStoreManager.getPrivateKey(jksName, tenantDomain);
                 } else {
-                    KeyStoreManager tenantKeyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
-                    rsaPrivateKey = (RSAPrivateKey) tenantKeyStoreManager.getDefaultPrivateKey();
+                    try {
+                        PrivilegedCarbonContext.startTenantFlow();
+                        PrivilegedCarbonContext.getThreadLocalCarbonContext()
+                                .setTenantId(MultitenantConstants.SUPER_TENANT_ID);
+                        KeyStoreManager tenantKeyStoreManager = KeyStoreManager
+                                .getInstance(MultitenantConstants.SUPER_TENANT_ID);
+                        rsaPrivateKey = (RSAPrivateKey) tenantKeyStoreManager.getDefaultPrivateKey();
+                    } finally {
+                        PrivilegedCarbonContext.endTenantFlow();
+                    }
                 }
             }
             JWSSigner signer = new RSASSASigner(rsaPrivateKey);
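Review bot: The new condition `!(MultitenantConstants.SUPER_TENANT_ID == tenantId) && !isDefaultJWTClient` reads more clearly as `tenantId != MultitenantConstants.SUPER_TENANT_ID && !isDefaultJWTClient`. The added tenant flow sets only the tenant id on the thread-local context; if anything under `KeyStoreManager.getDefaultPrivateKey()` resolves the tenant domain from the context as well, the flow should also call `setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)`, which I cannot confirm from this hunk alone. With the new first condition every default client, and every super-tenant caller without a file key store, signs with the super-tenant default key; that is the security-relevant outcome of the change and deserves a comment above the outer `if` so the fallback reads as deliberate. In the file-key-store branch `keyStore.getKey` returns null for an unknown alias, which only surfaces as a NullPointerException at `new RSASSASigner(rsaPrivateKey)` below; a null check that throws `JWTClientException` naming the alias would fail clearly. The enclosing method starts outside this hunk.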