Even with Auth0, you have many choices — like JWT or cookie-based sessions. Auth0 provides many “strategies”, but it’s best to know which works best with the right trade-offs. Like, do you understand why JWTs may be insecure? Did you know that if you have a separate client and API both served from the same domain makes the headaches of having an auth server almost moot? These are good things to know when making an auth choice that underpins access to your systems. The wrong choice is hard to find time to re-do when you’ve already got live users
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Even with Auth0, you have many choices — like JWT or cookie-based sessions. Auth0 provides many “strategies”, but it’s best to know which works best with the right trade-offs. Like, do you understand why JWTs may be insecure? Did you know that if you have a separate client and API both served from the same domain makes the headaches of having an auth server almost moot? These are good things to know when making an auth choice that underpins access to your systems. The wrong choice is hard to find time to re-do when you’ve already got live users