httpresponse - According to JSONAPI standards, does the server respond with the JWT Token in the response body or response header? -

no in jsonapi doc explains tokens. understand they're 2 different subjects had no luck finding direct answer on site nor on web.

assuming request authenticated, jsonapi standards return jwt token in response body or response header?

i thinking go best in meta or attributes object. how do it?

you can make id of sessions object put in meta or header

all fine. prefer treating session resource.