Does or will Caché support RFC 7523

RFC 7523 specifies the use of a JWT both as an authentication mechanism for a client and as a grant type to obtain an access token.  Cache supports the use of a JWT for client authentication in 2017.1.  There are currently no plans to support the JWT grant type for obtaining an access token.  This is a reasonable enhancement request..  I suggest that you make the request through the WRC including more background on your intended use.  Then priority can be set.

If you decide to add this support yourself, you should change OAuth2.REST to send the token endpoint request to your new class instead of OAuth2.Server.Token.  The method in your new class can check for JWT case and process it or otherwise forward to OAuth2.Server.Token:Process.  The OAuth2.Server.Token: CheckJWTAuthorization method has code which might help you learn how to handle JWT.  Of course, the usual caveats apply to this approach.

I thought about use of RFC 7523 a bit more and realized that in many situations it is appropriate to use the client credentials grant type from RFC6749 with the request authenticated using a JWT per RFC 7523.  This usage is supported in 2017.1 and will give you many of the security attributes of JWT grant type.