by tpetry 2315 days ago
„9) Myth: JWT doesn’t support logout or invalidation. (It can with OpenID Connect)“

Iterating on how invalidation works with OpenID Connect when, in a point before, the author said an authentication service which can go down is a single point of failure you should avoid. So he added a SPOF by using OpenID Connect...

1 comment

It's all about trade-offs. If you want full session management, not everything can be decentralized. People often say that JWT can't handle sessions at all, so I am merely explaining that it actually can out-of-the-box and how to make it work.

Anyway, there is always a single point of failure somewhere. There's got to be something that authenticates users and creates tokens in the first place.