Get Tokens during Authentication
Last updated
Last updated
When a user logs in to your application using the Sign in with Email/Phone or the Sign in with Device method, Cotter will return OAuth tokens in the form of JWT Tokens.
For Sign in with Email/Phone: The authentication_method
= OTP
For Sign in with Device: The authentication_method
= TRUSTED_DEVICE
You will receive the access token when using these features:
The JS SDK automatically store your tokens securely
Tokens must be stored securely within your application. Use for Android and for iOS apps.
You need to pass the access_token
to your backend server on every API calls. You also need to remove the tokens from storage to log out your users. Check out how to do that here:
Access tokens and ID tokens expires in 1 hour. When they're expired, you need to use the refresh_token
to get new tokens. Check out how to renew expired tokens: