OAuth 2.0 allows one to centralize user authentication. JWT tokens allow signed-in user data to be kept client-side, hence no server-side session storage is required. The combination of the two seems to have gained a lot of interest in recent years. During the talk I will introduce you to OAuth 2.0 flows and JWT token internals. I will show how those can be used to authenticate and manage user sessions in mobile and modern web applications. I will present the challenges we faced when implementing authentication using OAuth 2.0 flows with JWT tokens in a large PHP-based application. We shall try to compare token-based mechanisms to well-known PHP server-side sessions. I hope to answer the question: Is it worth switching from the session mechanism to an OAuth 2.0 flow with JWT tokens?