Is there a specific reason why the JWT plugin does not have the hide_credentials option like other authentication plugins?
I can’t think of any reason why this would not be an acceptable contribution you could make. In the past, a user didn’t feel a need to this and that is why it was never developed.
PR welcome!