@User btw, how did you manage session management before? I ask cause:
- You can't use httpOnly cookies attached to one API since you have multple APIs.
- Which means you must have stored the session tokens in localstorage?
- If yes, that means in browsers like safari (due to their new privacy features), localstorage will get wiped out after 7 days of inactivity. This means users who use safari will get logged out if they don't visit your site once every 7 days.