Currently we highly advise against customers sharing their JWT Credentials. Instead, use the OAuth flow to make authorized API requests on a users behalf.
That being said, currently you cannot use OAuth with the Web SDK. Please see my post here about the planned improvement: