Inject valid token into getAccessTokenSilently()

I’ve got a React app, and am using the Auth0 SDK. When an existing user logs in, I use loginWithRedirect() and it’s working as expected.

My new user process is complex so I have a custom sign-up React page that calls a C# API on the server. This runs the custom sign-up code and then uses the Auth0 M2M /api/users to add the user to Auth0 and then calls /oath/token - the resulting token is then returned to the React app.

The token is valid after sign-up, but subsequent calls to the Auth0 getAccessTokenSilently() function fail (understandably) and it returns that a login is required.

How do I save my initial token so that getAccessTokenSilently() recognises it, or do I just have to scrap the SDK and rebuild using the Auth0.js?

Alternatively, is there a better way to design this flow?