OIDC with JWT in HTTP-only cookie instead of HTTP Authorization bearer header
I’m exploring the possibility of implementing OpenID Connect (OIDC) with an HTTP-only cookie to keep my frontend code completely authentication-agnostic, instead of passing the Authorization header around through Javascript code.
The idea … Continue reading OIDC with JWT in HTTP-only cookie instead of HTTP Authorization bearer header