Implementing Authentication with external provider (e.g. Twitch)


I'm developing a web application consisting of two parts: a Flask REST API as a backend and a React.js SPA as a frontend.

Now I'm at the stage of implementing authentication via an external provider (Twitch in particular). I'm not quite sure how I should handle these access/refresh/id tokens returned by Twitch, what I am supposed to return to the frontend from my backend, or how they are supposed to interact with each other.

For now I've done these:

  • "Login" button at my frontend side which sends user to Twitch's login form
  • Twitch then redirects the request to my backend route (e.g. /auth/callback/twitch)
  • This route receives code query param and tries to exchange it with Twitch for access_token, refresh_token and id_token
  • and after that this route returns a redirect response to /home page of the application with id_token set in cookies

The thing is that I'm not sure it's exactly what I need. Still got some blind spots on this matter:

  • Should I use the id_token provided by Twitch to identify the User or should I generate my own JWT token with some User's data?
  • Where should I persist that id_token (considering I tend toward a stateless design of the app and I want to be able to call my API directly just by providing valid credentials)?
    • probably for Users flow it's enough to use cookies?
    • and for direct access to my API there should be another way of auth (e.g. with Bearer token)?
  • Should I take care of the freshness of the id_token (considering I only need it to authenticate the User inside my system)?
  • Am I right that I don't need the pair of access_token and refresh_token received from Twitch?
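As an added example that is not part of the original question, the callback flow listed above is written below as plain Python functions (no Flask, no network) so it runs offline. It covers the pieces the question leaves open: a per-login `state` (CSRF) and `nonce`, claim validation of Twitch's `id_token` after its signature has been checked, and a first-party HS256 session token minted by the backend that works both as an HttpOnly cookie for the SPA and as a Bearer token for direct API calls. Assumptions, labelled as such: `TWITCH_ISSUER` and `CLIENT_ID` are placeholders for the values in your Twitch app config; the token exchange and the RS256 signature check of the `id_token` (done against Twitch's JWKS with a JWT library in a real deployment) are injected callables, and the test feeds them constructed fakes.

```python
"""Added example (not from the original question): OAuth/OIDC callback handling
for a Flask-style backend, reduced to plain functions. The Twitch-specific parts
(token exchange, id_token signature check) are injected so the flow runs offline."""
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Callable, Dict, Optional, Tuple

TWITCH_ISSUER = "https://id.twitch.tv/oauth2"   # assumption: the iss claim in Twitch's id_token
CLIENT_ID = "my-twitch-client-id"               # placeholder: your Twitch application's client id
SESSION_SECRET = secrets.token_bytes(32)        # in production this comes from config, not a fresh value
SESSION_TTL = 3600                              # lifetime of the backend's own session token, in seconds


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def begin_login(pending: Dict[str, str]) -> Tuple[str, str]:
    """Creates the state (CSRF token) and nonce that the redirect to Twitch must carry.
    `pending` is server-side storage of state -> nonce for logins in progress."""
    state, nonce = secrets.token_urlsafe(16), secrets.token_urlsafe(16)
    pending[state] = nonce
    return state, nonce


def mint_session_token(claims: dict, now: Optional[int] = None) -> str:
    """Issue the backend's own HS256 JWT. This, not Twitch's id_token, is what the
    HttpOnly cookie and the Authorization: Bearer header carry."""
    now = now if now is not None else int(time.time())
    header = {"alg": "HS256", "typ": "JWT"}
    body = {**claims, "iat": now, "exp": now + SESSION_TTL}
    signing_input = _b64url(json.dumps(header).encode()) + "." + _b64url(json.dumps(body).encode())
    sig = hmac.new(SESSION_SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_session_token(token: str, now: Optional[int] = None) -> Optional[dict]:
    """Returns the claims of a valid, unexpired first-party token, else None."""
    now = now if now is not None else int(time.time())
    try:
        h, b, s = token.split(".")
        expected = hmac.new(SESSION_SECRET, (h + "." + b).encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(s)):
            return None
        if json.loads(_b64url_decode(h)).get("alg") != "HS256":  # refuse "none" / alg confusion
            return None
        body = json.loads(_b64url_decode(b))
    except ValueError:  # malformed base64 or JSON
        return None
    if body.get("exp", 0) <= now:
        return None
    return body


def validate_id_token_claims(claims: dict, expected_nonce: str, now: Optional[int] = None) -> str:
    """Claim checks that must follow signature verification of Twitch's id_token.
    Returns the stable subject (Twitch user id) to key the local user on."""
    now = now if now is not None else int(time.time())
    if claims.get("iss") != TWITCH_ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if aud != CLIENT_ID and not (isinstance(aud, list) and CLIENT_ID in aud):
        raise ValueError("id_token not issued for this client")
    if claims.get("exp", 0) <= now:
        raise ValueError("id_token expired")
    if claims.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch: replayed or injected id_token")
    return str(claims["sub"])


def handle_callback(query: dict, pending: Dict[str, str],
                    exchange_code: Callable[[str], dict],
                    verify_id_token_signature: Callable[[str], dict],
                    now: Optional[int] = None) -> str:
    """The /auth/callback/twitch route. `exchange_code(code)` posts to Twitch's token
    endpoint and returns its JSON; `verify_id_token_signature(jwt)` checks the RS256
    signature against Twitch's JWKS and returns the claims. Both are assumed helpers.
    Returns the first-party session token to set as an HttpOnly, Secure cookie."""
    state, code = query.get("state"), query.get("code")
    if state not in pending or not code:
        raise ValueError("unknown state or missing code (CSRF or stale login)")
    nonce = pending.pop(state)  # single use, even if the checks below fail
    tokens = exchange_code(code)
    claims = verify_id_token_signature(tokens["id_token"])
    sub = validate_id_token_claims(claims, nonce, now)
    # Twitch's access_token / refresh_token only matter if the backend will call the
    # Twitch API on the user's behalf later; for login alone they are not stored.
    return mint_session_token({"sub": "twitch:" + sub}, now)
```

The same `verify_session_token` serves both entry points: the SPA sends the cookie automatically, and a script calling the API directly sends `Authorization: Bearer <token>`; because the token is signed by the backend's own secret, no server-side session and no persisted Twitch tokens are needed, and the backend's own `exp` bounds the lifetime rather than the freshness of Twitch's `id_token`.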

There are 0 answers