Parent App -
Reverse Proxy
Trigger API from Parent
Request should not have cookie header as calls are going to
/api/*