Skip to main content
Which UI do you use?
Custom UI
Pre built UI

Fetching the access token string

On the backend#

import express from "express";
import { verifySession } from "supertokens-node/recipe/session/framework/express";

let app = express();

app.get("/getJWT", verifySession(), async (req, res) => {

let session = req.session;

let jwt = session.getAccessToken();

res.json({ token: jwt })

On the frontend#

1) Enable exposeAccessTokenToFrontendInCookieBasedAuth#

When using cookie based auth, by default, the access token is not readable by the JS on the frontend (since it's stored as httpOnly cookie). To enable this, you need to set the exposeAccessTokenToFrontendInCookieBasedAuth config to true (as shown below


If you are only using header-based sessions, you can skip this step

import SuperTokens from "supertokens-node";
import Session from "supertokens-node/recipe/session";

supertokens: {
connectionURI: "..."
appInfo: {
apiDomain: "...",
appName: "...",
websiteDomain: "..."
recipeList: [
exposeAccessTokenToFrontendInCookieBasedAuth: true,

2) Read the access token on the frontend#

import Session from 'supertokens-auth-react/recipe/session';

async function getJWT() {
if (await Session.doesSessionExist()) {
let userId = await Session.getUserId();
let jwt = await Session.getAccessToken();
Looking for older versions of the documentation?
Which UI do you use?
Custom UI
Pre built UI