Hacker News

jotato, yesterday at 6:52 PM (1 reply)

> "You cannot invalidate individual JWT tokens". Which every time I've implemented, the general guideline is to check for invalidated nonces somewhere. Which resolves that random blog post's second point too.

100% agree. This is common sense to me and I'm always surprised to re-learn people don't do this.


Replies

hparadiz, yesterday at 7:12 PM

Not checking the signature on every single JWT is the same as storing a password in plain text.
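A worked version of what both comments describe, added here and not written by either commenter: an HS256 verifier that refuses any token whose signature fails and any token whose `jti` (the per-token nonce) has been placed on a revocation set. The key, the claims and the in-memory revocation set are constructed for the demo; a real deployment would hold revoked `jti` values in a shared store until the token's `exp` passes.

```python
import base64
import hashlib
import hmac
import json
import time

DEMO_KEY = b"constructed-demo-key-not-for-production"  # constructed
REVOKED_JTI = set()  # constructed stand-in for a shared revocation store


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_jwt(claims: dict, key: bytes) -> str:
    """Mint an HS256 JWT; the caller is responsible for a unique jti."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def verify_jwt(token: str, key: bytes, revoked: set, now=None):
    """Return the claims if signature, expiry and jti all check out, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
    except (ValueError, UnicodeDecodeError):
        return None
    if header.get("alg") != "HS256":  # pin the algorithm; never trust alg from the token
        return None
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return None  # signature check happens before any claim is trusted
    claims = json.loads(_b64url_decode(payload_b64))
    now = time.time() if now is None else now
    if "jti" not in claims or claims.get("exp", 0) <= now:
        return None
    if claims["jti"] in revoked:  # the per-token nonce check the comment describes
        return None
    return claims


def revoke(token: str, key: bytes, revoked: set) -> bool:
    """Logout/revocation: add the token's jti to the store (only if the token is genuine)."""
    claims = verify_jwt(token, key, revoked)
    if claims is None:
        return False
    revoked.add(claims["jti"])
    return True
```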