The server can transmit the JWT token to the browser via a cookie, and upon requesting the server-side interface, the browser automatically includes the JWT token in the cookie header. Authentication is then achieved by the server verifying the JWT token in the cookie header.
Refer to my medium blog for proper explanation.
https://medium.com/@mhmdzeeshan/cookie-based-jwt-authentication-with-spring-security-756f70664673