maksim.khardin
ZITADEL · 12mo ago
3 replies

Options for storing zitadel's session api's token

Hi, as far as I know, the best option for storing a token is an httpOnly cookie, set by the backend. I was trying to figure out how I could do that using Zitadel, but couldn't really find a fully satisfying option, so here are the options I'm seeing:

1) have access to a Zitadel API method that would allow the session token to be set as an httpOnly cookie (couldn't find it)
2) use an instance of Zitadel's TypeScript login UI running next to our Zitadel instances (non-standardized, afaik)
3) roll our own backend that will do the session creation

With 1 being the most preferable option and 3 being the least. 2 is fine too, but the API needs to be somehow documented, at least a little, or guaranteed not to change all of a sudden. Could you help/steer me to the correct choice?
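
Option 3 from the post, sketched as an added example (not part of the original post and not ZITADEL code): a backend creates the session server-side and returns the token only in an HttpOnly cookie. The names `COOKIE_NAME`, `buildSessionCookie`, `readSessionToken`, `handleLogin` and the injected `createSession` function (assumed to resolve to an object with a `sessionToken` field) are assumptions for illustration.

```javascript
// Added example: every name here is hypothetical, not a ZITADEL API.
// The __Host- prefix makes browsers require Secure, Path=/ and no Domain attribute.
const COOKIE_NAME = "__Host-session";

// Serialize the token into a Set-Cookie value that page scripts cannot read.
function buildSessionCookie(token, maxAgeSeconds) {
  if (typeof token !== "string" || token === "") {
    throw new TypeError("token must be a non-empty string");
  }
  return [
    `${COOKIE_NAME}=${encodeURIComponent(token)}`, // encoding blocks attribute injection
    "Path=/",
    `Max-Age=${Math.floor(maxAgeSeconds)}`,
    "HttpOnly",     // not exposed to document.cookie
    "Secure",       // sent over HTTPS only
    "SameSite=Lax", // withheld from cross-site subrequests and cross-site POSTs
  ].join("; ");
}

// Recover the token from an incoming Cookie header; null if absent or malformed.
function readSessionToken(cookieHeader) {
  for (const part of (cookieHeader || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq === -1 || part.slice(0, eq).trim() !== COOKIE_NAME) continue;
    try {
      return decodeURIComponent(part.slice(eq + 1).trim());
    } catch {
      return null; // malformed percent-encoding
    }
  }
  return null;
}

// Login handler core. createSession is injected and assumed to call the
// identity provider from the server, resolving to { sessionToken }.
async function handleLogin(createSession, credentials) {
  let session;
  try {
    session = await createSession(credentials);
  } catch {
    return { status: 401, headers: {}, body: { error: "login failed" } };
  }
  return {
    status: 200,
    headers: {
      "Set-Cookie": buildSessionCookie(session.sessionToken, 3600),
      "Cache-Control": "no-store",
    },
    body: { ok: true }, // the token is deliberately absent from the body
  };
}
```

On later requests the backend calls `readSessionToken(req.headers.cookie)` and forwards the token to the identity provider itself, so the browser-side code never handles it.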