When using jwtproxy as a generic oauth2-proxy which verifies access tokens, a client will reuse the same access token it received from the IdP as long as it remains valid.

I can prepare a PR if this sounds reasonable to you.