can we use access token as session cookie in browser? and how to protect it?
The scenario is: you have refresh token that is valid for a longer period of time and an access token that is valid for a shorter period of time.
The setup: There is a client, application server and authentication server.
The client stores… Continue reading can we use access token as session cookie in browser? and how to protect it?