This is a good idea for client-side (secret/PK signed) JWT generation.
There is a similar challenge when the API has an endpoint that generates/signs the JWT server-side. IMO, a solution to that variation of JWT should also be added to this feature request, and possibly implemented in the Custom auth credential type, by providing a way to “apply the auth call result data (tokens, session-id, etc.) using expressions.”
In the meantime, I managed to implement a (sorta hacky) workaround for the server-side JWT signing issue and posted it here.