Just like in @OvermindDL1 example. If you use JWT as a “one time token” then you just make them expire fairly quickly.
JWT itself is not stateful or stateless, it all depend on the way you use them. And if you need to keep track of all invalidated tokens then you have stateful JWTs. That is simple as that.
