is there a way I can use the session cookie in my APIs as a bearer token ? I know there is a flow where it gives out session tokens but that is for mobile apps and API clients, my use case is I have a web app using react js and tailwind CSS which is able to log in users. But I have to now use that to call the APIs, and want to pass it as a bearer token. I don’t want to setup oathkeeper just yet cause right now its a side project and too much for me to self manage 😅. One thought I have is, can I just pass the cookie’s string as a token?

I have just implemented Kratos in my React application with a NestJS backend. I use RTK Query and have "credentials": "include" setup in React. In my backend, i can get the Kratos cookie from the request and use this for validating the session 🙂 I don't know about setting the cookie as the bearer token, but the cookie approach works very well.

ah cool this works ! let me try this

It's part of the Redux toolkit. We use it for caching and having all our client communication with apis in a central library https://redux-toolkit.js.org/rtk-query/overview

oh nice!