In Just about all Respond applications that require authentication - the advice is to use entry tokens for communicating with APIs, and tokens might be stored easily in localStorage to persist across website page refreshes. For anyone who is implementing accessibility tokens that could be refreshed (as is popular right https://www.statelocalgov.net/