|Description||Using less secure bearer token instead of secure cookies|
If you have a need of serving the backend API and frontend from two different domains with no subdomain relation, you cannot use secure cookies. Instead you need to use a less secure bearer token. This is done by enabling bearer token authorization via the configuration option:
See also Configuring Session Cookies.