• I've received the proper access_token
• However, access_token disappears when I'm redirected to dashboard.getgitme.com, because the React App is reloaded at that address.
• I cannot store access_token locally, it is unsafe.
• So therefore, I would need to sign in again when going to dashboard.getgitme.com

Great resources

Cross Site Scripting (XSS)

Protecting Your Cookies: HttpOnly

OWASP/CheatSheetSeries

Cross Site Request Forgery (CSRF)

Getting Token Authentication Right in a Stateless Single Page Application

Where to store access-token in react.js?