AJ740414

Reputation: 11

Siteminder Authentication in Single Page Application

I am doing one POC wherein I am planning to integrate SiteMinder with our single page app. The frontend is in Angular 10 and it's using ASP.NET Web API. Our frontend and backend will be deployed on the same server and it will be protected by SiteMinder. So far what I have thought of is:

  1. User will hit the Angular URL.
  2. The request will come to the server and will be intercepted by the SiteMinder agent, and the user will be provided with the SiteMinder login template page.
  3. Upon successful authentication, the user will be routed to the Angular URL.
  4. To display data, Angular will call REST endpoints.
  5. The REST endpoints will check the existence of the "Http_SM_USER" header value (set by SiteMinder after successful authentication), and if the user exists in the DB and has the proper role, he will get one JWT token with claims attached to it.
  6. On subsequent requests, the user will attach this token in a custom header and the server will verify it and do the needful.
  7. On logout, the SiteMinder logoffuri will be called, which will invalidate the SMSESSION cookie, and the user will be taken to the Logoff page.

Please guide if this flow is OK or not. And if not, what else needs to be taken into consideration? Also, how to protect Angular routes? Can I call a backend API in an Angular route guard to verify if a valid SMSESSION cookie is there or not? If a valid SMSESSION cookie exists, the user can route to another URL. Otherwise the user will be logged off.

Upvotes: 1

Views: 865
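
Steps 5 and 6 of the flow in the question, as an added C# example (not code from the original post): a token is issued only when the SM_USER value maps to a known role, and later requests are checked for signature and expiry. It assumes .NET 6 or later and that requests reach the API only through the SiteMinder agent, so the header value can be trusted; `SmJwt`, the `roles` dictionary standing in for the DB lookup, and the 15-minute lifetime are hypothetical choices made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Added example: hypothetical helper for steps 5 and 6; names are not from the post.
public static class SmJwt
{
    static string B64(byte[] b) =>
        Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static byte[] UnB64(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    static byte[] Sign(string data, byte[] key) =>
        HMACSHA256.HashData(key, Encoding.UTF8.GetBytes(data));

    // Step 5: smUser is the SM_USER header value; roles stands in for the DB lookup.
    public static string Issue(string smUser, IReadOnlyDictionary<string, string> roles,
                               byte[] key, DateTimeOffset now)
    {
        if (string.IsNullOrWhiteSpace(smUser) || !roles.TryGetValue(smUser, out var role))
            return null; // missing header or unknown user: no token is issued
        var header = B64(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}"));
        var payload = B64(JsonSerializer.SerializeToUtf8Bytes(new Dictionary<string, object>
        {
            ["sub"] = smUser, ["role"] = role, ["exp"] = now.AddMinutes(15).ToUnixTimeSeconds()
        }));
        return $"{header}.{payload}.{B64(Sign($"{header}.{payload}", key))}";
    }

    // Step 6: returns the claims, or null when the signature or expiry check fails.
    public static JsonElement? Validate(string token, byte[] key, DateTimeOffset now)
    {
        var p = (token ?? "").Split('.');
        if (p.Length != 3) return null;
        try
        {
            // Constant-time comparison of the presented and recomputed HMAC.
            if (!CryptographicOperations.FixedTimeEquals(UnB64(p[2]), Sign($"{p[0]}.{p[1]}", key)))
                return null;
            var claims = JsonDocument.Parse(UnB64(p[1])).RootElement;
            return claims.GetProperty("exp").GetInt64() > now.ToUnixTimeSeconds() ? claims : (JsonElement?)null;
        }
        catch (Exception e) when (e is FormatException || e is JsonException) { return null; }
    }
}
```

The token's expiry here is independent of the SMSESSION cookie, so a token issued before logout stays valid until its `exp` passes.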

Answers (0)
