The most common usage of JWT for request authorization is done according to the OAuth2 bearer tokens specification. In this situation any party (the bearer) in possession of a valid token can perform an authorized call as the resource server (API) just validates the token itself.
According to this specification, the way to signal to the calling party that the request either needs to include a bearer access token or that the one received is not valid would be to include the following response header as part of a 401:
WWW-Authenticate: Bearer realm="example"
Where the realm parameter is optional so it could be reduced to just replying with the Bearer authentication challenge.
Have in mind that the following applies to a request that requires a bearer access token, if you’re referring to the a request that is meant to obtain a bearer access token then you should comply to what OAuth2 mandates as part of the grants available to obtain OAuth2 access tokens. Although OAuth2 does not mandate a particular access token format, it’s common to use JWT’s.