JWT vs Cookies

Open sachalifs opened this issue 10 years ago • 2 comments

Should we stick to client side cookies mechanism we have right now?

JWT is not being used properly...

Mar 14 '15 17:03 sachalifs

I think JWT is the reasonable evolution to auth handling; especially in a multi-tenant environment as ours.

We should, of course, look at the pros and cons here. This thread seems a good place to start. I think it'd be good if we comment with links to stuff to read on this matter and we could make a decision then.

Mar 14 '15 18:03 gvilarino

Also this: https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/#token-cross-domains

Mar 16 '15 19:03 sachalifs