Aug 29, 2021
Software development
Learned Microservices
Read a blog post
Read Awesome Tech Blogs
+ 2
My favorite way to handle API authentication (on frontend, in microservice architectures):

  • Using JWTs, microservices validate access tokens
  • Access Token, expires after 10 min, stored in memory and sent in Header on API requests
  • Refresh Token, http-only cookie used to renew access tokens

First time I heard read about this: The Ultimate Guide to handling JWTs on frontend clients