If you decide to go with cookies and if your web api is consumed through a web application (e.g. Angular) it will be vulnerable to cross-site request forgery attacks (frequently referred to as CSRF or XSRF).

Bharat Dwarkani shared on Mar 05, 2020
image
blinkingcaret.com
bookmarks
share
visibility24
visibility24 share bookmarks
add