re: LocalStorage vs Cookies: All You Need To Know About Storing JWT Tokens Securely in The Front-End VIEW POST

re: I just wonder what is actually accessible by document.cookie? Secondly would be the implementation. I am interested in all processes from highly-a...

Hi Pacharapol!
Cookies that are marked httpOnly are not accessible from document.cookie, otherwise you can access the cookie from document.cookie.

With our JS SDK (from yarn add cotter), we actually handle storing the access token in memory and the refresh token in the cookie for you. In short, you can just call:


and it will:

  • grab the access token from memory if not expired, or
  • automatically refreshes the access token by calling Cotter's refresh token endpoint (where the cookie is included) and return to you a new access token.

If you're interested, shoot me a message on Slack and I can help you with any questions. You can find our documentation here.

Code of Conduct Report abuse