In Virtually all React apps that require authentication - the recommendation is to use entry tokens for speaking with APIs, and tokens might be saved easily in localStorage to persist across website page refreshes. If you're implementing access tokens which might be refreshed (as is prevalent nowadays), your session state https://www.statelocalgov.net/