So every 15 minutes, when the JWT expires, that’s often a good time to just send the user through the OAuth flow again
That does seem more clean as I wouldn’t need to store anything server-side, but it seems difficult to restore the front-end state after the redirect to make it really seamless. For example if the user is completing a form they wouldn’t like to lose what they were typing.