Cookie-based authentication will store your access token in a cookie and a CSRF token will be required for every PATCH/PUT/DELETE (CookieAuthenticationsController)
Token authentication will return you the access token which you are responsible for saving safely and then passing with every request to protected resources (TokenAuthenticationsController)
Make room for authenticating in one of two ways:
CookieAuthenticationsController)TokenAuthenticationsController)