Hi, I am using SuperTokens only for backend. After...
# support-questions-legacyy
yvstrishul
04/27/2023, 3:47 PMHi, I am using SuperTokens only for backend. After calling signin api, how can I use access token present in its response header as I believe I can't override the function in signin api
r
rp_st
04/28/2023, 5:17 AMhey @yvstrishul you can use the access token as an authorization bearer token in your request.
You can save the refresh token as well somewhere and then use it to get new session tokens.
y
yvstrishul
04/28/2023, 5:21 AMYes, I was asking how to get token after signin api. I found this in your docs 'You should attach the st-auth-mode header to calls to the login API'. I think this can be used to store the access token in cookie to be used as authorization bearer token for subsequent request. Am I right?
r
rp_st
04/28/2023, 5:22 AMare you calling the sign in APi of the core? Or of the APis exposed via the backend middleware?
y
yvstrishul
04/28/2023, 5:22 AMvia middleware of your backend sdk (/auth/signin)
r
rp_st
04/28/2023, 5:24 AMright. So the response headers will have the access and refresh tokens
rp_st
04/28/2023, 5:24 AMst-access-tokenst-refresh-tokeny
yvstrishul
04/28/2023, 5:25 AMyes how are they usually fetched and stored?
r
rp_st
04/28/2023, 5:27 AMthey are stored in the browser usaually
rp_st
04/28/2023, 5:28 AMwhen you say how are they fetched - do you mean how to read them from the headers in the response?
y
yvstrishul
04/28/2023, 5:28 AMyes
r
rp_st
04/28/2023, 5:28 AMthat i mean you can google 🙂
y
yvstrishul
04/28/2023, 5:30 AMok Thank you
3 Views