top | item 13711519

Ask HN: Where do you store your OAuth tokens on a browser?

1 points| softwarefounder | 9 years ago | reply

If you're building a website/product that authenticates using OAuth (or any form of token auth), where do you store your access token and refresh tokens on the client?

I want the user to be authenticated across multiple tabs, so sessionStorage is out.

That leaves localStorage and cookies.

How do you handle this, and what are the best practices that you've seen?

discuss

No comments yet.