Those are arbitrary constraints. I figured you’d want something long enough to not to be guessable and not so long that it would cause broken links in email using plain text.
My point was that having a list of requirements would help answer @harisu’s question. So, I came up with some random example requirements off the top of my head to demonstrate how, if they were requirements, might influence the choice of using JWT.