The main idea with JWT (which is why they are signed on the backend) is that they prove that the sending client (your Ionic app) speaks with a certain authority. A typical workflow:
- client sends username and password
- server responds with JWT
- client asks server to do something, provides JWT received in step 2
So in your situation, I would recommend one of two strategies:
A. Require steps 1 and 2 to be done when the app is first installed. Presumably this is a time where internet access is very likely (because the user just downloaded the app). Store the JWT on-device using Ionic Storage. Now queue up actions and whenever the network is available, burst them out with the JWT you have already received.
B. Just start queuing actions and requests. The first time you notice internet is available, pop a modal asking the user to authenticate, and then act as in strategy A.
Strategy A is probably going to be most familiar to the user, because lots of apps require you to do registration-type stuff at installation time. Strategy B would likely feel weirder, but would allow the user to start working immediately offline, if the APK was somehow side-installed.
Notice that neither strategy involves generating JWTs client-side, because there isn’t really any point in doing that. The server is going to be verifying the signatures on the JWTs in the end anyway, so it needs to have the private key, not the client.