Access token on the frontend

Question

I have a NextJS app Supertoken is running on the frontend Supertoken is running on the NextJS API route the core is running in Docker Now I have a separate API running Fastify I would like to use the `Authorization Bearer` method to verify session on the separate Fastify API how can I extract the access token from the frontend to include in the headers Is there a hook available for it I can t seem to find it Also is my idea even possible Can I verifySession on another API that doesn t not run Supertokens backend

nkshah2 · Answer

Hi < Justine> What frontend SDK and version are you using

Justine · Answer

frontend SDK for NextJS I m using `supertokens auth react` version `^0 32 3`

Justine · Answer

< nkshah2> thanks for the quick response Really appreciate it

nkshah2 · Answer

Happy to help The Session recipe exposes a `getAccessToken` function on the frontend that gives you the access token You can attach that as a bearer token to requests

nkshah2 · Answer

The access token is a JWT so you can use any JWT verification library to verify it

nkshah2 · Answer

Or if you want to use the verifySession middleware function you could also have your fastify server call some API on the server that uses SuperTokens That API would call getSession internally and then give you the result back

Justine · Answer

interesting I tried the `getAccessToken` function but it returns me `undefined` Let s me try again maybe I ll record a short video Would you be free for a quick Discord channel call

nkshah2 · Answer

What version of supertokens node are you using

Justine · Answer

^14 0 2

nkshah2 · Answer

You can set `exposeAccessTokenToFrontendInCookieBasedAuth` to true when initialising the Session recipe This will let the frontend read the access token

Justine · Answer

interesting Ok let me try will report back in 5 mins

Justine · Answer

that works Thanks so much

nkshah2 · Answer

Awesome glad you got it working