Hi,
I have a non embedded app (running in production) that recently added an admin action extension,
in the action theres a POST request (sent with fetch) made to the app endpoint,
it fails to pass the middleware shopify.validateAuthenticatedSession,
digging into the middleware i found it fails because when the app is not embedded the middleware turns to search for the session cookie instead of the session token in the headers,
Problem is the cookie will not be sent with the request (same-site=lax),
the session token in the authorization header does get sent, but the middleware will not look for it
help would be much appreciated!