Secure JWT Authentication - Where to store the JWT Token. How to store JWT token in httpOnly cookies
In this video I go through a few possibilities on how to use the JWT token.
If you enjoyed this video then check out The Complete Strapi Course on Udemy:
JWT Tokens are used for authentications with many APIs and especially with Headless CMSs (such as Strapi, Sanity, etc..)
I go through dangerous and safe ways to store the JWT when working with a “fat client“ (e.g. React app)
Let me know what you think in the comments!
These are DANGEROUS ways to store the JWT token:
The reason why storing your JWT token in the frontend is dangerous is because if your site is subject to XSS (Cross Side Scripting) then a malicious script will have access to your token.
Ephemeral use example:
The httpOnly example will be in an upcomi
2 years ago 01:52:13 4
5 years ago 01:44:47 10
2 years ago 00:33:11 0
3 years ago 00:11:29 17
5 years ago 01:27:28 39
5 years ago 00:11:36 3
![[Spring Boot Security] #06 JWT Authentication](https://sun9-23.userapi.com/OalWyz8thBR2A9NRnQt4LrqfGUM08IJZzXtvHQ/u7nL07q71Ng.jpg)
2 years ago 01:25:32 0
1 year ago 00:12:53 0
1 year ago 01:07:28 5
1 year ago 01:20:22 8
1 year ago 00:39:49 0
4 years ago 00:27:36 0
2 years ago 00:04:51 2
5 years ago 00:05:24 1
6 years ago 01:38:22 8
6 years ago 01:41:00 0
![What are JSON Web Tokens? JWT Auth Explained [Tutorial]](https://sun9-37.userapi.com/c857324/v857324462/54085/cjTsoiouZEg.jpg)
2 years ago 00:08:02 33
3 years ago 00:52:29 0
6 years ago 00:14:42 2
4 years ago 00:14:53 2
2 years ago 01:30:07 0
6 years ago 00:37:05 0
2 years ago 00:30:40 13
10 months ago 01:20:44 1
