hey 👋 backend engineer who is tinkering w/ kotlin multiplatform for a side project app. Noob question... what is the best way to handle user auth? say i am using a backend that operates on JWT... is there a multiplatform way to manage token storage? or, is this something that you would write a common interface for, and implement on a platform to platform basis?

You might have a look at ktor.io. I think they have ready-to-go examples for this. Check Docs / Ktor Server / Developing applications / Authentication and authorization.

no, sorry, to clarify, I don't have any problem building a server w/ authz... my question is how to maintain a token on the client side... an analogy would be using localstorage when in the browser... curious if there is a multiplatform equivalent

there are multiplatform storage libraries - i used https://github.com/russhwolf/multiplatform-settings which will work on web and mobile

If its pure storage, check androidx datastore, see https://developer.android.com/jetpack/androidx/releases/datastore#1.1.0-alpha02 for release notes. Ktor can as of example also storing tokens, session cookies and such. https://blog.protein.tech/kotlin-multiplatform-the-ultimate-guide-to-key-value-storage-ded5cc17cd42 Here is more variants.

ah perfect, thank you 🙌

I just built a wrapper around the [AppAuth](https://github.com/openid/AppAuth-iOS) [libraries](https://github.com/openid/AppAuth-Android) that is similar to [React Native AppAuth](https://github.com/FormidableLabs/react-native-app-auth). It then stores the received token with [KVault](https://github.com/Liftric/KVault/), a multiplatform library that wraps secure storage on Android and iOS.