There is no explicit relationship between this pattern and OAuth. The structure of the token itself is open for extension. The pattern focuses on the manner in which the token is leveraged.

As you say, the JWT spec was not as mature at the time of writing.

(Assuming you're the author -- who knows though.) Now that the JWT spec is mature and there are some nice implementations of it, do you think it's a good option for token-based authentication?

Yes, I'm the author. Long as the JWT spec implements a strong method of encryption , it's a good option.

The JWT was not as mature at the time of writing. In any case, The structure of the token itself is open for extension. The pattern focuses on the manner in which the token is leveraged.