- CRSF Token and cookie seem to match - The session id should be removed completely and the auth token or the refresh token should be used instead as session identifier
