Hi i'm using bearer token authentication with .Net web Api (not .net core).
(Not sure if this should be posted in Asp.Net or Security forum)
I didnt think this was using cookies, however when i look at the IIS logs it shows entries under cs(Cookie) column for calls to the endpoints which I have added [Authorize] in the controller.
e.g. text is:
.AspNet.Cookies=
Any ideas what this is? I'm not manually setting any cookies in my client.