How to securely store JWT secrets/private keys on a NODEjs application ?
User only native nodejs methods or using a secret management service ?
First of all, you don't need to store JWT tokens as they are not meant for storing. You can always validate if you have a secret key available using the JWT library that is being used.
Now, when you generally host your services one way people use environment variables to access the secrets. However, they are visible to all who have access to the lambda/cloud functions or any specific services in the cloud.
process.env.VARIABLENAME
Secret managers are a great way to store your keys, password or anything that seems sensitive. We are extensively using them where ever we see the use of passwords, usernames, DB connection strings, etc.
Use only native nodejs methods
Not sure what native methods you meant here? You can use env file to keep things on servers, but it is only useful when you host them on servers, or containers(never used them on lambdas).