Commit c629b8f

Fixes #262: add a notice pointing to a document describing the nuances of
cookie/local storage options for JWT storage.
1 parent 8325bfc commit c629b8f

1 file changed: +2 -0 lines changed

views/md/introduction.md

Lines changed: 2 additions & 0 deletions
@@ -101,6 +101,8 @@ If you want to play with JWT and put these concepts into practice, you can use [
101101
## How do JSON Web Tokens work?
102102
In authentication, when the user successfully logs in using their credentials, a JSON Web Token will be returned and must be saved locally (typically in local storage, but cookies can be also used), instead of the traditional approach of creating a session in the server and returning a cookie.
103103

104+
> There are security considerations that must be taken into account with regards to the way tokens are stored. These are enumerated in [Where to Store Tokens](https://auth0.com/docs/security/store-tokens).
105+
104106
Whenever the user wants to access a protected route or resource, the user agent should send the JWT, typically in the **Authorization** header using the **Bearer** schema. The content of the header should look like the following:
105107

106108
```
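
Review bot: The notice added at new line 104 hands the whole storage decision to an external link, while the unchanged sentence at line 102 still presents local storage as the typical choice with no caveat. Consider stating the core trade-off in the notice itself, for example that a token in local storage is readable by any script running on the page while a cookie is attached to requests automatically, so the warning still carries meaning if the linked page moves. Also, "with regards to" should read "with regard to".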
