But this is debatable. Cause the JWT is not meant to be accessible on the frontend anyway.. but this is what I am conmfortable with