Hi! Im trying to build an auth middleware (with nest.js) using the descope node-sdk. I’m not sure I understand how should I extract the refresh token from the request headers to validate the session after it fails. Can you please help me with that?

@stocky-van-20808 @few-holiday-24516 can you help here ?

Hi @wooden-portugal-88020 In the Node-SDK repo there is an example app with a sample auth middleware implementation This is the link Please take a look Feel free to post more questions here if needed

Thanks for the response, I saw this but as I understand it extracts it from the cookies, is there a way to send it in the request header (as the session token sent with the Authorization header)? Anyway, I tried the above example and added

sessionTokenViaCookie

in the React app and now I get

Error: both session and refresh tokens are empty

Is there something Im missing?

You need to extract the cookies from the response and send it to the verify function See how this is done here We have a NextJS sample app as well so you can take a look and see how it’s implemented here

It worked, thanks 🙂

Cool 👍