But this is what I am not following. By “embedded app” you mean one that shows in an iframe inside the Shopify admin? Mine does this. It is loading and authenticating inside the iframe but I am not using cookies. Are there special features/functions of communication that are not done from server calls to the API? Or is this more about trying to avoid needing server side scripting?