Secure JWT Authentication - Where to store the JWT Token. How to store JWT token in httpOnly cookies

Alex the Entreprenerd
111.2K views - 5 years ago
In this video I go through a few possibilities on how to use the JWT token.

If you enjoyed this video then check out The Complete Strapi Course on Udemy:
https://www.udemy.com/course/the-comp...

JWT tokens are used for authentication with many APIs, and especially with headless CMSs (such as Strapi, Sanity, etc.).

I go through dangerous and safe ways to store the JWT when working with a "fat client" (e.g. React app)

Let me know what you think in the comments!

These are DANGEROUS ways to store the JWT token:
https://gist.github.com/GalloDaSballo...
Storing your JWT token in the frontend is dangerous because, if your site is subject to XSS (Cross-Site Scripting), a malicious script will have access to your token.

Ephemeral use example:
https://gist.github.com/GalloDaSballo...

The httpOnly example will be in an upcoming video. Make sure to subscribe to be notified when that comes out!
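
A minimal sketch of the httpOnly approach, added here as an example (it is not the author's gist or the code from the upcoming video): the backend sets the JWT in a cookie that frontend JavaScript cannot read, and a small audit function flags a cookie that lacks those protections. The function names, the cookie name `session` and the sample token are assumptions made for illustration.

```javascript
// Added example; buildSessionCookie, auditSetCookie and "session" are assumed names.

// Build the Set-Cookie header value a backend would send after login,
// so the JWT never has to be stored by frontend JavaScript.
function buildSessionCookie(jwt, { maxAgeSeconds = 3600, name = "session" } = {}) {
  // A compact JWT is three base64url segments joined by dots; reject anything
  // else so a malformed value cannot inject extra cookie attributes.
  if (!/^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/.test(jwt)) {
    throw new Error("value is not a compact JWT");
  }
  return [
    `${name}=${jwt}`,
    "HttpOnly",        // not readable through document.cookie
    "Secure",          // only sent over HTTPS
    "SameSite=Strict", // not attached to cross-site requests
    "Path=/",
    `Max-Age=${maxAgeSeconds}`,
  ].join("; ");
}

// Audit a Set-Cookie header value and list the protections it lacks.
function auditSetCookie(header) {
  const attrs = header.split(";").slice(1).map((a) => a.trim().toLowerCase());
  const names = attrs.map((a) => a.split("=")[0]);
  const findings = [];
  if (!names.includes("httponly")) {
    findings.push("missing HttpOnly: token readable by injected script");
  }
  if (!names.includes("secure")) {
    findings.push("missing Secure: token can travel over plain HTTP");
  }
  if (!attrs.includes("samesite=strict") && !attrs.includes("samesite=lax")) {
    findings.push("SameSite not Lax/Strict: cookie may be sent on cross-site requests");
  }
  return findings;
}

// Constructed sample token (not a real credential).
const sampleJwt = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIn0.c2lnbmF0dXJl";
const hardened = buildSessionCookie(sampleJwt);
const weak = `session=${sampleJwt}; Path=/`; // what a careless backend might send

console.log(hardened);
console.log(auditSetCookie(hardened)); // no findings
console.log(auditSetCookie(weak));     // three findings
```

HttpOnly stops a script from reading the token, but a script running on the page can still send requests that carry the cookie, so fixing the XSS itself remains necessary. Because the browser attaches cookies automatically, the SameSite attribute (or a CSRF token) matters once the JWT moves into a cookie.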

Put this into action in The Complete Strapi Course:
https://www.udemy.com/course/the-comp...
Published 5 years ago, on 1398/11/16.
Viewed 111,201 times