
I see a flaw in the argument. He shifted from saying you'd use a 5-minute access token timeout to querying the DB on every request. There can actually be a big difference between those two scenarios. Some web APIs can be bursty. Even caching credentials for 5 minutes could take significant load off the DB.



I'm pro-JWT, but reducing load on the DB itself isn't a massive argument in favor of JWTs, because an opaque token solution can simply cache the result of a revocation check at whatever time interval is comfortable for the use case of the token. So assuming the API has access to a cache layer, there isn't a difference there. If there is no cache layer, there probably should be.

In a hyperscaler situation things are different, but we should avoid treating that as the norm.
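A small simulation of the trade-off both comments describe, added here as an illustration and not code from either commenter: an opaque-token validator that caches the revocation answer for a TTL, so a burst of requests costs one store lookup per TTL window, at the price of a revocation taking up to one TTL to bite (the same bound a short-lived JWT gives). The in-memory store, the fake clock and the token value are constructed for the example.

```python
import time


class TokenStore:
    """Constructed stand-in for the database that holds opaque tokens."""

    def __init__(self):
        self.revoked = set()
        self.lookups = 0  # number of DB hits, the cost we care about

    def is_revoked(self, token):
        self.lookups += 1
        return token in self.revoked

    def revoke(self, token):
        self.revoked.add(token)


class CachedRevocationChecker:
    """Caches each token's revocation status for `ttl` seconds.

    ttl=0 is the "query the DB on every request" case; ttl=300 is the
    5-minute window discussed above. A revoked token stays accepted for
    at most `ttl` seconds after revocation, exactly like a JWT whose
    expiry is `ttl` seconds."""

    def __init__(self, store, ttl, clock=time.monotonic):
        self.store, self.ttl, self.clock = store, ttl, clock
        self.cache = {}  # token -> (revoked, expires_at)

    def is_valid(self, token):
        now = self.clock()
        entry = self.cache.get(token)
        if entry is None or entry[1] <= now:  # miss or stale: ask the store
            revoked = self.store.is_revoked(token)
            self.cache[token] = (revoked, now + self.ttl)
        else:
            revoked = entry[0]
        return not revoked


def simulate_burst(requests=1000, ttl=300.0):
    """Replay a 100 req/s burst with one token, then revoke it.
    Returns (DB lookups during the burst, accepted right after revocation,
    accepted once the TTL has elapsed)."""
    t = [0.0]  # fake clock so the simulation runs instantly
    store = TokenStore()
    checker = CachedRevocationChecker(store, ttl, clock=lambda: t[0])
    token = "opaque-abc123"  # constructed value
    for _ in range(requests):
        checker.is_valid(token)
        t[0] += 0.01
    burst_lookups = store.lookups
    store.revoke(token)
    accepted_after_revoke = checker.is_valid(token)  # cached answer still used
    t[0] += ttl
    accepted_after_ttl = checker.is_valid(token)  # cache stale, store re-queried
    return burst_lookups, accepted_after_revoke, accepted_after_ttl
```

Run with ttl=0 to see every request hit the store and revocation take effect immediately; with ttl=300 the whole burst costs a single lookup but the revoked token is honoured until the window expires.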



