To add the necessary cookies to a session using the

FrontendApi

, you need to set the

withCredentials: true

option in the SDK configuration. This will automatically include the cookies in the request when calling the

/sessions/whoami

endpoint. Here is an example of how to do this in JavaScript:

javascript import { Configuration, FrontendApi, Session } from "@ory/client"      const frontend = new FrontendApi(     new Configuration({       basePath: "<http://localhost:4000>", // Use your local Ory Tunnel URL       baseOptions: {         withCredentials: true,       },     }),   )

In this example,

basePath

should be replaced with your local Ory Tunnel URL. The

withCredentials: true

option ensures that cookies are included in the request. After setting up the

FrontendApi

instance, you can use it to check the session like this:

javascript export function checkSession() {     const [session, setSession] = useState<Session>(undefined)        useEffect(() => {       frontend         // the cookie is automatically sent with the request         .toSession()         .then(({ data: session }) => {           setSession(session)         })         .catch((error) => {           // The session could not be fetched           // This might occur if the current session has expired         })     }, [])        return session ? (       <table>         <tr>           <th>Session ID</th>           <th>Expires at</th>           <th>Authenticated at</th>         </tr>         <tr id={session.id}>           <td>{session.id}</td>           <td>{session.expires_at || ""}</td>           <td>{session.authenticated_at || ""}</td>         </tr>       </table>     ) : (       <div>Loading session data...</div>     )   }

In this function,

frontend.toSession()

is used to fetch the session data. If the session is valid, it displays the session ID, expiration time, and authentication time. If the session is not valid or has expired, it displays a loading message. For more information, you can refer to the [Ory documentation](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#session-checks).

@chilly-king-10285 How do I fix the following error though?

key ory_kratos_oidc_auth_code_session does not exist in cookie

The error message

key ory_kratos_oidc_auth_code_session does not exist in cookie

suggests that the required session cookie is not present in the request. This could be due to several reasons such as the session cookie not being set correctly, the session cookie has expired, or the session cookie is not being sent with the request. Here are a few things you can check: 1. Ensure the session cookie is being set correctly: When a user signs in through the browser-based login flow, an Ory Session Cookie is issued. Make sure this process is working correctly. 2. Check if the session cookie is being sent with the request: If you're using the Ory SDK, make sure you have

withCredentials: true

in the SDK configuration. This ensures that cookies are included in the request. 3. Check if the session cookie has expired: Session cookies have an expiration time. If the cookie has expired, it will not be sent with the request. You can check the expiration time of the session cookie in the session data. 4. Ensure your application is running over HTTPS: Ory Kratos' cookies have the

Secure

flag enabled by default. This means that the browser won't send the cookie unless the URL is a HTTPS URL. If you want Ory Kratos to work with HTTP (for example on localhost) you can add the

--dev

flag:

kratos serve --dev

. But don't do this in production. If you're still having trouble, you might find it helpful to refer to the [Ory Kratos documentation](https://www.ory.sh/docs/kratos/) for more information on session management and troubleshooting.