The truth about cookies, tokens and APIs - Philippe De Ryck
This article compares traditional cookie-based authentication with modern token-based approaches for APIs. It explains how OAuth works, the structure of JWT tokens, and the use of reference tokens. Key takeaways include choosing between stateful and stateless backends, the transport mechanisms of cookies vs. headers, and important deployment considerations like domain constraints and client-side storage.