What you are trying to achieve is not recommended. What you are trying to do is less secure than using a redirect. You will not be able to support additional authentication mechanisms like social login, webauthn, otp, etc. You will not have support for SSO, in fact users will (unless you save tokens to local storage/cookie which we wouldn’t recommend) have to re-login on each page reload.