Hi,
Sorry, I didn't understand your diagram very well.
But regardless, about Sphinx, have you checked the Sphinx demo? It implements all the flow for authenticating, including generating the JWT with a secret.
In the case of the demo, you can see that the JWT secret is provided in the event TSphinxConfig.OnGetSigningData:
procedure TForm7.SphinxConfig1GetSigningData(Sender: TObject; Args: TGetSigningDataArgs);
begin
Args.Data.Key := TEncoding.UTF8.GetBytes('a secret that has the minimum length');
end;