JWT tokens, being signed and verifiable, will allow you to validate without a call to your DB.
Implicit flow is simply a way to transact with a public client that can’t store a secret. We would recommend using the auth code + PKCE flow for browser-based public clients like SPAs instead of implicit (it’s the more modern flow).