International Journal of Wireless and Ad Hoc Communication
IJWAC
2692-4056
10.54216/IJWAC
https://www.americaspg.com/journals/show/707
2019
Managing a Secure Refresh Token Implementation with JSON Web Token in REST API
Associate Professor of Information Technology, Faculty of Computers & Informatics, Zagazig University, Egypt
Ehab
..
Professor of Information Technology, Faculty of Computers & Informatics, Zagazig University, Egypt
Walid
..
Department of Information Technology, Faculty of Computers & Informatics, Zagazig University, Egypt
Nihal
Salah
JSON Web Token (JWT) is a compact, self-contained mechanism for transmitting data between parties in a form that is digitally authenticated and can therefore be trusted. JWTs are mainly used to implement stateless authentication mechanisms, and Open Authorization (OAuth 2.0) implementations use them for their access tokens. OAuth 2.0 and JWT are the token frameworks or standards used to authorize access to REST APIs because they are stateless and signature-based; JWT tokens are JSON-based and, because of their small size, are used in the newer authentication and authorization protocols built on OAuth 2.0. When refresh tokens are stored in cookies, the size limit of a cookie or URL may quickly be exceeded. Refresh tokens may also be issued for accessing users; obtaining a refresh token is somewhat more involved than obtaining an access token, and holding refresh tokens in the browser requires additional security measures. If an attacker steals a refresh token and attempts to use it after the application has already used it, this implies that the attacker was able to extract the refresh token from the application. If the refresh token can be stolen, then so can the access token, and even short token lifetimes can still lead to major abuse scenarios. In this article, we discuss the security properties of refresh tokens in the browser and a pattern for better securing JWT tokens in the web front-end. We propose a Backend for Frontend (BFF) pattern, in which token handling is deferred to a server-side component that holds the tokens securely while providing a lot of flexibility to the client side.
2021
01
20
10.54216/IJWAC.020101
https://www.americaspg.com/articleinfo/20/show/707