Hello,
We had a company make intrusion tests on our environments to test the security and they advised us to take a look at a popular pattern for authentication ‘Token Handler Pattern’.
In this pattern, the front-end application no longer stores the JWT token but a cookie generated by a new service (OAuth Agent) that handles the communication with Auth0 and stores the token.
Is this pattern usable with Auth0’s services?
Kind regards