Please note this issue: https://github.com/waiting-for-dev/devise-jwt/issues/126 > The problem (which is not a problem, but a security measure) with cookies is that they can't be shared cross-domain.