Good morning from PDX! I am a solutions architect here, working on an architectural decision record to determine if we should use JWTs or PASETOs for API access tokens going forward. I am finding information about both galore to do a comparison, but not one or two sources of truth that I can use reliably use as a reference. Nothing from AWS, Azure or Google Cloud, and nothing definitive from OWASP either. Does anyone here have any recommendations for definitive sources that are trusted by the industry?