What is the best way to create an application that requires JWT authentication?

I'm currently facing a difficult problem to solve. My C# backend returns a JWT when the user logs into the application. For any and all requests the user makes to the application, the backend retrieves this JWT from the header, kills its validity and returns another one through a continuous validation function. I'm currently controlling these JWTs through a context within the application. However, as we all know in the community, React has a big problem with losing context information when re-rendering. In my case, when the page refreshes, it loses the context and kicks the user out of the system because it can't keep the current JWT.

One solution would be to keep this in a cookie. However, since my system must comply with the PCI-DSS system, I can't leave this token insecure. However, if I pass all the cookie security parameters, specifically HTTP-ONLY, it prevents my JavaScript from retrieving it to keep the user logged in if I refresh.

Could someone shed some light on this problem?

Additional information: I use React for the front end, an API in C#, and both are hosted on an IIS server.