Storing and Removing Tokens
OAuth Tokens should be stored securely in the client.
- Websites: Store the
access_token
in memory, therefresh_token
is automatically included in anhttpOnly
andSecure
cookie with domaincotter.app
that is automatically included when requesting to refresh token. Learn more on how to store JWT tokens securely.
Cotter's SDK generally handles token storage in your app.
Some of our SDKs handles storing the tokens for you:
Last modified 3yr ago