Secure JWT Authentication - Where to store the JWT Token. How to store JWT token in httpOnly cookies
In this video I go through a few possibilities on how to use the JWT token.
If you enjoyed this video then check out The Complete Strapi Course on Udemy:
JWT Tokens are used for authentications with many APIs and especially with Headless CMSs (such as Strapi, Sanity, etc..)
I go through dangerous and safe ways to store the JWT when working with a “fat client“ (e.g. React app)
Let me know what you think in the comments!
These are DANGEROUS ways to store the JWT token:
The reason why storing your JWT token in the frontend is dangerous is because if your site is subject to XSS (Cross Side Scripting) then a malicious script will have access to your token.
Ephemeral use example:
The httpOnly example will be in an upcomi
2 months ago 00:16:18 1
2 months ago 00:10:23 1
3 months ago 00:30:22 1
3 months ago 00:12:23 1
3 months ago 00:00:00 1
3 months ago 00:13:51 1
3 months ago 00:14:11 1
5 months ago 01:20:44 1
7 months ago 00:14:41 1
8 months ago 01:07:28 4
9 months ago 05:36:22 1
9 months ago 10:54:07 1
9 months ago 11:25:47 1
9 months ago 15:08:39 1
9 months ago 00:39:22 1
10 months ago 11:21:04 1
10 months ago 01:27:42 2
10 months ago 00:12:53 1
11 months ago 00:20:27 1
1 year ago 01:56:11 2
1 year ago 00:47:27 1
1 year ago 01:52:13 1
1 year ago 01:20:22 8
1 year ago 00:39:49 1
