use an Authorization header instead of a cookie in communicating with the backend (required for desktop versions)
avoids samesite restrictions on cookies still need a cookie when going from TES -> TWS. Hopefull this can still be set
avoids samesite restrictions on cookies still need a cookie when going from TES -> TWS. Hopefull this can still be set