0

I have a React/Gatsby web app that uses AWS Cognito authentication. The app calls several REST APIs hosted on AWS API Gateway, which in turn uses a Cognito Authorizer. I need to pass the authentication JWT issued by Cognito when the user first logs in, in the Authorization header of each request sent to the API Gateway. Where should I safely store that token?

Thanks,

Ergun
  • on your server! -- more seriously, what's your question? Do you mean in the database vs. in a file? encrypted vs. not? – Christian Fritz Dec 17 '20 at 17:07
  • One idea is that you can store the token in localStorage. – user2232355 Dec 17 '20 at 17:09
  • @ChristianFritz It is a ReactJS website and runs completely on DB access through APIs. I am asking where I should store the session authorization JWT for the authenticated user to be able to access the APIs. "Where" can be anything you propose: localStorage, session cookie, etc. – Ergun Dec 17 '20 at 17:27

2 Answers

0

You can use local storage or cookies. I recommend that you use local storage.

https://dev.to/nas5w/using-local-storage-in-react-with-your-own-custom-uselocalstorage-hook-45eo

0

Your first preference is always HttpOnly cookies, and if that is not possible, then you can go for local storage.

Here are the best answers you can get.

Local Storage vs Cookies

Nisharg Shah
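Added example, not part of either answer: what the HttpOnly cookie option looks like in practice, plus a check that flags a session cookie missing its hardening attributes. It assumes a backend endpoint of your own that sets the cookie after login; the cookie name `session_jwt`, the function names and the sample token are constructed for illustration.

```javascript
// Added example: session_jwt and all function names are assumptions, not from the page.
const REQUIRED = ["httponly", "secure", "samesite=strict"];

// Read the exp claim from a compact JWT. No signature check here: the API does that.
function jwtExp(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const claims = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
  if (typeof claims.exp !== "number") throw new Error("token has no exp claim");
  return claims.exp;
}

// Build the Set-Cookie value; the cookie lifetime never outlives the token.
// HttpOnly keeps the value unreadable from page scripts, unlike localStorage.
function buildSessionCookie(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const maxAge = jwtExp(token) - nowSeconds;
  if (maxAge <= 0) throw new Error("token already expired");
  return [`session_jwt=${token}`, "HttpOnly", "Secure", "SameSite=Strict",
          "Path=/", `Max-Age=${maxAge}`].join("; ");
}

// Return the hardening attributes that a Set-Cookie value is missing.
function missingCookieFlags(setCookie) {
  const attrs = setCookie.split(";").slice(1).map((a) => a.trim().toLowerCase());
  return REQUIRED.filter((flag) => !attrs.includes(flag));
}

// Constructed sample token (placeholder signature, not a real Cognito token).
function sampleToken(exp) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
  return [enc({ alg: "RS256", typ: "JWT" }), enc({ sub: "user-1", exp }), "c2ln"].join(".");
}

const cookie = buildSessionCookie(sampleToken(1700003600), 1700000000);
console.log(cookie);
console.log(missingCookieFlags("session_jwt=abc; Path=/"));
```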