Secure JWT Authentication - Where to store the JWT Token. How to store JWT token in httpOnly cookies

In this video I go through a few possibilities on how to use the JWT token. If you enjoyed this video then check out The Complete Strapi Course on Udemy:

JWT tokens are used for authentication with many APIs, and especially with headless CMSs (such as Strapi, Sanity, etc.). I go through dangerous and safe ways to store the JWT when working with a “fat client” (e.g. a React app). Let me know what you think in the comments!

These are DANGEROUS ways to store the JWT token:

Storing your JWT token in the frontend is dangerous because if your site is subject to XSS (Cross-Site Scripting), a malicious script will have access to your token.

Ephemeral use example:

The httpOnly example will be in an upcomi
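An added example, not code from the video or its author: a backend builds the `Set-Cookie` header that keeps the JWT out of reach of page scripts, and a small model of what `document.cookie` would expose afterwards. The cookie name `jwt`, the function names and the sample token are assumptions made for this sketch.

```javascript
// Added example (not from the video): the backend hands the JWT to the
// browser as an httpOnly cookie, so page scripts cannot read it.
const COOKIE_NAME = 'jwt'; // assumed cookie name

// Build the Set-Cookie header value for a JWT issued by the API.
function buildJwtCookie(token, maxAgeSeconds = 3600) {
  // A compact JWT is three base64url segments joined by dots; reject anything
  // else so a malformed value cannot smuggle in extra cookie attributes.
  if (!/^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/.test(token)) {
    throw new Error('not a compact JWT');
  }
  return [
    `${COOKIE_NAME}=${token}`,
    'HttpOnly',        // hidden from document.cookie
    'Secure',          // sent over HTTPS only
    'SameSite=Strict', // not attached to cross-site requests
    'Path=/',
    `Max-Age=${maxAgeSeconds}`,
  ].join('; ');
}

// Server side: recover the JWT from the incoming Cookie request header.
function readJwtFromCookieHeader(header) {
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) continue;
    if (part.slice(0, eq).trim() === COOKIE_NAME) {
      return part.slice(eq + 1).trim();
    }
  }
  return null;
}

// Model of what a browser exposes to scripts: cookies without HttpOnly only.
function visibleToScripts(setCookieHeaders) {
  return setCookieHeaders
    .filter((h) => !/;\s*httponly\b/i.test(h))
    .map((h) => h.split(';')[0])
    .join('; ');
}

// Constructed sample token (not a real credential).
const sampleJwt = 'eyJhbGciOiJIUzI1NiJ9.eyJpZCI6MX0.c2lnbmF0dXJl';
const headers = [buildJwtCookie(sampleJwt), 'theme=dark; Path=/'];
console.log(headers[0]);
console.log('document.cookie would show:', visibleToScripts(headers));
```

The server still has to verify the token's signature and expiry on every request; the cookie attributes only control where the browser stores and sends it.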