My code makes extensive use of sessions for things like the logged in
user. I have added a stateless API that authenticates on each
request, but it uses underlying code that sets session data. In the
stateless case, the session is populated on each request. I don't
want it persisted.
Is there a way to prevent the session cookie from being set, or do I
need to go through and find all of the instances where the session is