https://supertokens.com/ logo
access token in cookies
v

vigneshkumar

04/17/2023, 8:41 AM
Hi, in what ways we can prevent the accesstoken to be visible from the cookies on the frontend?
r

rp

04/17/2023, 8:44 AM
hey @vigneshkumar you can't. Chrome shows it, and that you can't control
v

vigneshkumar

04/17/2023, 8:45 AM
Integrating with hasura can actually prevent the original session details or hash to be not visible right? instead hasura claims will be visible if I'm right?
r

rp

04/17/2023, 8:47 AM
when you say visible, do you mean that the frontend JS has access to it? Or are you saying about visible to the user in the inspect element
v

vigneshkumar

04/17/2023, 8:47 AM
I'm taking about the inspect element via the network or application tabs.
r

rp

04/17/2023, 8:48 AM
yea.. the cookies will be visible there always
v

vigneshkumar

04/17/2023, 8:50 AM
My goal is that, my access tokens shouldn't be even in be accessed from cookies, since supertokens issue them in cookies right? Instead if I use Hasura or any other Integrations, supertoken's JWT won't be visible on the cookies right?
r

rp

04/17/2023, 8:51 AM
it will be. You can't prevent that
v

vigneshkumar

04/17/2023, 8:56 AM
Okay, so what is the exact point of using the hasura integration with supertokens? https://supertokens.com/docs/passwordless/hasura-integration/without-jwt here it says, no tokens will be exposed to frontend. what does this mean?
r

rp

04/17/2023, 9:00 AM
it means that the JS on the frontend won't have access to the token. Which is different from the user being able to view the token