# During enrolling Trusted Devices

During your app's registration flow, you will enroll the user's device as their first Trusted Device. On this flow, you will receive the User's information.&#x20;

In addition to user information, you can also receive the OAuth Tokens when trusted device enrollment succeeds.

{% tabs %}
{% tab title="React Native" %}
In you registration flow, you will [enroll the user's device as their first Trusted Device](https://docs.cotter.app/sdk-reference/react-native/react-native-sdk-passwordless-login#step-5-register-this-device-as-a-trusted-device). You would normally receive the user's information on the `onEnrollSuccess` function.

To receive the OAuth Tokens on this request, modify your code as follows:

```javascript
import { Cotter } from "react-native-cotter";

class SignUp extends Component {
  ...
  onFinishRegistration = (userID) => {
    var cotter = new Cotter(
      <API_KEY_ID>,
      userID
    );
    // Enroll device as Trusted Device
    cotter.trustedDevice.enrollDevice(
      this.onEnrollSuccess,
      this.onEnrollError,
      (getOAuthToken = true),  // 👈 Add this parameter
    );
  };
  ...
}
```

In your `onEnrollSuccess` function, you will receive the following response:

```javascript
{
  "ID": "c6042472-f8cd-34le-921e-4hkb4d8cd52e",
  "client_user_id": "<YOUR_USER_ID>",
  "created_at": "2020-04-07T09:41:21.667849Z",
  "update_at": "2020-04-07T02:42:29.062304-07:00",
  "default_method": "TRUSTED_DEVICE",
  "deleted_at": null,
  "enrolled": [
    "TRUSTED_DEVICE"
  ],
  "identifiers": null,
  "issuer": "<YOUR_API_KEY_ID>",
  
  "oauth_token": {  // 👈 NEW Oauth Token
    "access_token": "eyJhbGciOiJFUzI1N...",
    "auth_method": "TRUSTED_DEVICE",
    "expires_in": 3600,
    "id_token": "eyJhbGciOiJFUzI1NiI...",
    "refresh_token": "3:qCznAaruV0R1NjVPw5HnN...",
    "token_type": "Bearer"
  }
}
```

{% hint style="success" %}
Cotter's React Native SDK **automatically** **store your tokens securely** inside the device's secure storage.
{% endhint %}
{% endtab %}

{% tab title="Other SDKs (coming soon)" %}
We'll add support for JS, Android and iOS soon 😉. Stay tuned!
{% endtab %}
{% endtabs %}

{% hint style="warning" %}
**Tokens must be stored securely within your application**.&#x20;
{% endhint %}

### Getting and Removing tokens from the Storage

You need to pass the `access_token` to your backend server on every API calls. You also need to remove the tokens from storage to log out your users. Check out how to do that here:

{% content-ref url="../../storing-and-removing-tokens" %}
[storing-and-removing-tokens](https://docs.cotter.app/getting-access-token/storing-and-removing-tokens)
{% endcontent-ref %}

### Renewing Expired Tokens

Access tokens and ID tokens expires in 1 hour. When they're expired, you need to use the `refresh_token` to get new tokens. Check out how to renew expired tokens:

{% content-ref url="../../renewing-expired-tokens" %}
[renewing-expired-tokens](https://docs.cotter.app/getting-access-token/renewing-expired-tokens)
{% endcontent-ref %}