why do people return jwt token despite setting cookie
I have observed that several backends returns jwt token as response when you hit endpoints like /login
Why isn't setting cookies via header
set-cookie enough?1 Reply
I think it’s pretty good explained here: https://stackoverflow.com/questions/37582444/jwt-vs-cookies-for-token-based-authentication
Stack Overflow
JWT vs cookies for token-based authentication
I read some posts about "JWT vs Cookie" but they only made me more confused...
I want some clarification, when people talking about "token-based authentication vs cookies", cookies here merely ref...