The SPA should include the session script, which is available at:
${rootPath}files/session/session.js
where ${rootPath} identifies your Metrici instance, e.g. https://www.metrici.com/.
This script defines the Session class, which you can create a default session and then get a suitable JWT using
var session = await Session.ready();
var jwt = await session.getJWT();
The session will reuse JWTs until their expiry, and manage the refresh of JWTs from the Metrici server.
If the session cannot connect to the Metrici server, for example because the user's session has timed out, it will by default navigate the user back to the SPA controller page. This will force the user to sign in again, and then re-show the SPA.
Silent authentication
The Session class uses a silent authentication method, in which a call is made to the Metrici server using the session into which the user has previously signed on, rather than forcing the user to sign into the SPA again (hence the term silent authentication).
The SPA does not have direct access to the Metrici session. The method used by the Session class is described in Calling Metrici web services from the SPA.