We want additional information about Authentication flow.

[kohei-miyoshi]

In the section "Authentication flow", it is better to explain about cookie more detail. Everybody can't know what name of cookie is used easily now.

Please add above information. e.g.

Step	Without provider SDK	With provider SDK
3. Establish authenticated session	App Service adds authenticated cookie (AppServiceAuthSession) to response.	App Service returns its own authentication token to client code.
4. Serve authenticated content	Client includes authentication cookie (AppServiceAuthSession) in subsequent requests (automatically handled by browser).	Client code presents authentication token in X-ZUMO-AUTH header (automatically handled by Mobile Apps client SDKs).

Thank you

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 75e17529-8b8a-1d67-f0e1-840d1d3ca990
• Version Independent ID: 265645df-ef21-4631-1744-7014b3ee681a
• Content: Authentication and authorization - Azure App Service
• Content Source: articles/app-service/overview-authentication-authorization.md
• Service: app-service
• GitHub Login: @cephalin
• Microsoft Alias: cephalin

[KranthiPakala-MSFT]

Thank you for reaching out. At this time we are reviewing the ask and will provide an update as appropriate

[Grace-MacJones-MSFT]

Upon further review we feel your feedback would be best received by the doc author to determine if an update to the current doc is necessary, or to create a new doc if they align with the feedback.

[cephalin]

Internal item created: https://dev.azure.com/msft-skilling/Content/_workitems/edit/288590

please-close