I'm planning a new application. Consider the following scenario:
I have a SAML IDP to log in users, but the IDP is not able to provide JWT tokens directly.
So what I want to do is the following:
               start auth                start SAML
+----------+ +------------> +---------+ +-----------> +----------+
| frontend |                | backend |               | SAML IDP |
+----------+ <------------+ +---------+ <-----------+ +----------+
               JWT token                SAML response
In this scenario my backend will receive the user details from the IDP and create a JWT token for the frontend. After the SAML authentication is done, a redirect will take place to the frontend.
What is the best way to get the JWT token from the backend to the frontend?
I was thinking about storing it in a PHP session, and then the frontend would be able to perform an API call to get the JWT token (after which the token is removed from the session).
Are there any better ways to solve this?
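The flow described in the question (backend consumes the validated SAML response, mints a JWT, parks it in the server-side session, and the frontend fetches it exactly once after the redirect), written out as an added example in Python rather than PHP. This is illustration code, not the asker's project: the in-memory `SESSIONS` dict stands in for the PHP session store, `JWT_SECRET`, `JWT_TTL_SECONDS`, the `frontend.example` redirect URL and the attribute names `NameID`/`email` are assumptions, and the SAML response is assumed to have already been validated before `saml_acs` is called.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Dict, Optional

# Assumptions for this example: HS256 with a secret shared by the backend that
# mints the token and the API that later verifies it, and a 15-minute lifetime.
JWT_SECRET = b"change-me-to-a-long-random-value"
JWT_TTL_SECONDS = 15 * 60

# Stand-in for the PHP session store: session id -> session data.
SESSIONS: Dict[str, dict] = {}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_jwt(claims: dict, now: Optional[int] = None) -> str:
    """Create a compact HS256 JWT carrying the user's claims plus iat/exp."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    body = dict(claims, iat=now, exp=now + JWT_TTL_SECONDS)
    signing_input = (
        _b64url(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + _b64url(json.dumps(body, separators=(",", ":")).encode())
    )
    sig = hmac.new(JWT_SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_jwt(token: str, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if signature and expiry check out, otherwise None."""
    now = int(time.time()) if now is None else now
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
    except (ValueError, UnicodeDecodeError):
        return None
    if header.get("alg") != "HS256":  # reject alg=none and anything unexpected
        return None
    expected = hmac.new(JWT_SECRET, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        return None
    claims = json.loads(_b64url_decode(p))
    if claims.get("exp", 0) <= now:
        return None
    return claims


def new_session_id() -> str:
    """Fresh, unguessable session id (the PHP session cookie value in the question)."""
    return secrets.token_urlsafe(32)


def saml_acs(session_id: str, assertion_attrs: dict) -> str:
    """Assertion Consumer Service step, run after the SAML response was validated.

    Mints the JWT from the IDP-supplied attributes, stores it in the caller's
    server-side session and returns the redirect target for the frontend.
    """
    token = mint_jwt({"sub": assertion_attrs["NameID"], "email": assertion_attrs["email"]})
    SESSIONS.setdefault(session_id, {})["pending_jwt"] = token
    return "https://frontend.example/#/logged-in"  # hypothetical frontend URL


def fetch_token(session_id: str) -> Optional[str]:
    """One-shot API the frontend calls after the redirect.

    Returns the JWT the first time and removes it from the session, so any
    later call (including a replayed one) gets None.
    """
    session = SESSIONS.get(session_id)
    if not session:
        return None
    return session.pop("pending_jwt", None)


if __name__ == "__main__":
    # Constructed sample attributes standing in for a validated SAML assertion.
    sid = new_session_id()
    print("redirect to", saml_acs(sid, {"NameID": "alice", "email": "alice@example.com"}))
    first = fetch_token(sid)
    print("first fetch ->", verify_jwt(first))
    print("second fetch ->", fetch_token(sid))
```

The `fetch_token` endpoint is only as protected as the session cookie that identifies `session_id`, which is why the token is removed on first read: once the frontend has it, there is nothing left in the session for a later request to pick up.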