According to the spec, Expiry field is required but may be set to null to convey "never expires".
Are there reasons to have the field set to null vs having it absent (optional)?

There are several reasons to prefer having it optional:

1. Adheres to the JWT spec
2. Makes for a uniform way of conveying absence, as it is for nbf & other fields.
3. Makes for a more sound absence semantic, this great talk gives a fine mindset for it