y
Hi, I am using SuperTokens only for backend. After calling signin api, how can I use access token present in its response header as I believe I can't override the function in signin api
r
hey @yvstrishul you can use the access token as an authorization bearer token in your request. You can save the refresh token as well somewhere and then use it to get new session tokens.
y
Yes, I was asking how to get token after signin api. I found this in your docs 'You should attach the st-auth-mode header to calls to the login API'. I think this can be used to store the access token in cookie to be used as authorization bearer token for subsequent request. Am I right?
r
are you calling the sign in APi of the core? Or of the APis exposed via the backend middleware?
y
via middleware of your backend sdk (/auth/signin)
r
right. So the response headers will have the access and refresh tokens
st-access-token
and
st-refresh-token
y
yes how are they usually fetched and stored?
r
they are stored in the browser usaually
when you say how are they fetched - do you mean how to read them from the headers in the response?
y
yes
r
that i mean you can google 🙂
y
ok Thank you