I am using Express and Node.js for my API and another Auth Server. Currently, when a user logs in, a refresh token is sent back in an Http cookie and an access token is sent
