With this provider, a simple bearer token will be added to the Authorization header for each subsequent XHR request. The JWT will be stored within cookies under a configurable key. While the /api/auth/token route is used when creating the token, the specific /api/auth/refresh route is used for the auto-refresh token once the token expires, which can be set from the configuration.
Check out the JWT flow diagram
For JWT authentication to work, JWT keys must be configured on the backend. You can find relevant information from this link. Generating JWT Keys.