Storing JWT refresh token in httpOnly cookie
So, I'm building the auth part of an application. I have always return both
Now, after doing a little research, I have found that some people return just the
What is the opinion on this? Good practice? Bad practice? Unnecessary / anti pattern? Thanks in advance!
accessrefreshNow, after doing a little research, I have found that some people return just the
accessrefreshWhat is the opinion on this? Good practice? Bad practice? Unnecessary / anti pattern? Thanks in advance!
