re: Be careful of the JWT hype train VIEW POST

TOP OF THREAD FULL DISCUSSION
re: But how do you check wether an user is authenticated or not in a single page application? It's quite straightforward: on login the client rece...
 

Android App & Website sharing the same API & Authentication service, how are you supposed to store a cookie on an app?

You're not bound to have the same authorization mechanism for both services if it doesn't suit your Android app, but you can:

how are you supposed to store a cookie on an app?

A cookie is just a header (not much different from the Authorization header OAuth2 uses), your app has a HTTP client, they usually handle cookies easily.

I'm quite sure there's a way to store a cookie in Android, by Googling I found these:

I do not know how up to date such info is because I have zero experience developing on Android but I do know that whenever you have a decent HTTP client, you have support for cookies (they are not a new technology ;-))

If you're sending http requests with headers back and forth than you must have cookies because cookies are essentially just a header. Right?

code of conduct - report abuse