So, the question was asked a few months ago, but I was also faced with that question, and I wanted to answer it.
I think that you don’t need Keycloak, it is good enough for you to use OAuth2 and JWT.
Let me justify my answer:
You have just one client – an Angular application. Keycloak is useful when you have many clients (web-js, mobile platforms) and you want to create and manage them dynamically. But, I think that, in your case, you will create your client once without modification in the future.
Also, Keycloak is very useful when you have a lot of integration with third part systems (Google, Fb, Twitter and etc) because Keycloak has them out-of-box. Or if you need to integrate with some SAML or LDAP provider.
You may also want to use Keycloak, if you need some Identity and User management platform, and when you have complicated user access flow.
In the end, you could consider Keycloak if you need SSO (Single Sign On) feature. Once logged-in to Keycloak, users don’t have to login again to access a different application. But, by your description, you have just one application.