I've worked with Macaroons (writing custom tools and libraries) and Macaroons are definitely more complex than JWTs. Don't be fooled with one signature algorithm, there are more things hidden under the surface (e.g.validation of a set of Macaroons requires finding cycles in a graph and symmetric decryption of data). If you really need tokens use constrained JWTs. Better: just use random strings.