soheil
Reputation: 73
Where we should save refresh token and access tokens?
im'm making a fullstack application with next js.
i want to use both refresh token and access token with JWT.
this is very important. I'm using jwt and next js. not oauth etc...
i had maked my tokens in backend but i don't know where i should save them.
both of them must be saved in cookie? i don't know i should save refresh token as a cookie or access as a cookie. and when i saved one of them as a cookie, another one should be saved where securly...
i am looking some websites they have refresh and access token system but all of them, have just one token in cookies part. when I search in those local storage or cookies, they hasn't another cookie...
thanks for your responses
Upvotes: 0
Views: 20
Answers (0)
Related Questions
- Why Does OAuth v2 Have Both Access and Refresh Tokens?
- Invalidating JSON Web Tokens
- Where to store JWT in browser? How to protect against CSRF?
- JWT (JSON Web Token) automatic prolongation of expiration
- Is a Refresh Token really necessary when using JWT token authentication?
- Where should I save jwt refresh token?
- Storing Oauth access token and refresh tokens
- Does I understand access and refresh token technique for authentication correctly?
- JWT Access token and Refresh token security