Testing Locally with Tokens Stored in Cookies
When using Descope with your application and testing in your local environment, you may encounter a 401 Unauthorized
error when trying to authenticate if you're storing your refresh tokens in cookies (the recommended way of handling
these tokens). The reason being that the cookies are set to a specific domain, and will not be sent when your
current page is of a different domain.
If you need to test locally, assuming you're using localhost, the custom domain that you configure in
the Descope Console will not allow you to authenticate if the
Cookie Policy is configured as Strict or Lax.
This guide will instruct you how to test cookies within a local environment.
This guide assumes that you have successfully configured the custom domain within your project.
Configure Descope Project
Within the Project Settings go to the Session Management section
and configure the Cookie Policy to None within the Manage in cookies section then save the configuration.
Test Cookies in Local environment
You can now utilize your custom baseUrl within your locally running application.
Note
If you are using incognito when testing, ensure that you have allowed 3rd party cookies in incognito mode.
Here is an example of testing cookie storage with localhost.
