fusionauth.sso cookie's value is encoded?
I was looking at the fusionauth.sso cookie and its value seems to be encoded, as I used the "jwt/refresh?userId" API endpoint to retrieve all currently active refresh tokens, and none of the tokens' ids matched with the value of the fusionauth.sso cookie. However, when I look at the value of the fusionauth.session cookie, it corresponds perfectly with the id of the refresh token for the FusionAuth session.
I am wondering why one of the session cookies corresponds to the id of a refresh token (fusionauth.session), whereas the other (fusionauth.sso) does not. Perhaps one is encoded and the other is not? Thanks!
@yb98 I just figured this out: the cookie value is encoded in Base64, so you can simply decode it to retrieve the actual token id.
Glad that you were able to get this figured out!
I was wondering exactly the same, but unlike @yb98, decoding the content of fusionauth.sso (Base64) does not match my refresh token (like, not at all).
Is there a trick (special encoding or something)?
@pleymor Yeah, it is slightly tricky. You can try decoding it here: https://www.base64decode.org/. You will get some gibberish, but the refresh token will be a substring of the decoded token. The length of the decoded token may also vary depending on your browser.
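
The decode-and-search step described in the replies above, done locally so the cookie value never leaves your machine. This is an added example, not part of the original thread and not FusionAuth code. The byte layout around the id is not documented on this page, so the sample cookie below is constructed and the helper names are hypothetical.

```python
from __future__ import annotations

import base64
import re
from urllib.parse import unquote


def decode_cookie_value(value: str) -> bytes:
    """Decode a cookie value that may be percent-encoded, URL-safe Base64, or unpadded."""
    raw = unquote(value.strip())
    raw = raw.replace("-", "+").replace("_", "/")  # map URL-safe alphabet to standard
    raw += "=" * (-len(raw) % 4)                   # restore padding stripped by the server
    return base64.b64decode(raw, validate=True)    # raises binascii.Error on non-Base64 input


def printable_runs(data: bytes, min_len: int = 8) -> list[str]:
    """Return runs of printable ASCII inside the decoded bytes (like `strings`)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]


def find_known_ids(data: bytes, candidates: list[str]) -> list[str]:
    """Return the candidate ids (e.g. from the refresh token API) found in the bytes."""
    return [c for c in candidates if c.encode("ascii") in data]


# Constructed sample: an id wrapped in arbitrary binary, NOT a real fusionauth.sso value.
SAMPLE_ID = "00000000-0000-4000-8000-000000000001"
_blob = b"\x00\x01\x9c\xff\x10" + SAMPLE_ID.encode("ascii") + b"\x80\x02\xfe"
SAMPLE_COOKIE = base64.urlsafe_b64encode(_blob).decode("ascii").rstrip("=")

if __name__ == "__main__":
    decoded = decode_cookie_value(SAMPLE_COOKIE)
    print("printable runs:", printable_runs(decoded))
    print("matched ids:", find_known_ids(decoded, [SAMPLE_ID, "not-present"]))
```

Since the value is only Base64-encoded, anyone who can read the cookie can recover the embedded id, so treat both cookies with the same care as the refresh token itself.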