JWT supports some encryption algorithms as an alternative to signatures but my experience is that most people like to keep it simple.

JWT is intended for authentication. Most of the time you're basically just signing a token containing an account ID and nothing else... Sometimes a list of groups but that only scales to a small number of groups.