Update guard-jwt.md to show .well-known/jwks.json support

[dudo]

Per this issue, and related PR, keys no longer need to be explicitly to the JWT guard.