Refresh & Access Token
Abhishek Choudhary
Before understanding the what are Refresh & Access Token , first we must understand why do we need them and what they are for ?
Refresh Token is a json web token used to generate more access token.
Access token are used to access a particular piece of information, without passing credentials again.
For example : we are signing up on a website , after initial authentication we don't want to pass our credentials again & again, every time we refresh or visit the site again, here access token comes to the rescue.
Access Token are type of token that are valid for a certain interval of time. These are needed to access a resource. If you already have generated the access token, next time you visit a website, it will then decrypt the access token and the extract the valid info from the database and return it you.
After access token are expired, refresh tokens are used to generate another access token, when you register or login on a website refresh & access token both are generated, as refresh token life span is greater than access one.
Refresh Token must be stored in local/session storage or you can pass in headers to a particular endpoint to generate new access token.
Access Token is necessary in order to remain authorized even if you reload the website or exit it.
Subscribe to my newsletter
Read articles from Abhishek Choudhary directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Abhishek Choudhary
Abhishek Choudhary
I am a Frontend Developer Based in India with an experience of 2yrs in frontend technologies like, React & Next.js. Making Responsive, eye catching & smooth interactive websites is my passion & hobby. I have learned & gained confidence in frontend by getting my hands dirty on multiple projects. Please be sure to check out my portfolio.