That's not how you work with cookies or APIs. Web API don't normally use cookies at all. But ultimately a cookie is just a value passed back as part of the response body. In your case you are creating a response object, setting some values and then doing nothing with it. You could remove all that code and the API would behave the exact same.
Web API doesn't work with HTTP results directly. Everything is an ActionResult. This is what allows you to return status codes, data, HTML, etc. What you need to do is create an ActionResult
, add your cookie to the returned data and then return that from the API. Going back to your example code then I think you can use the ResponseMessageResult
to wrap your response and return it. However you need to change the return type to IHttpActionResult
. Alternatively though it might just be easier to use the Response
object that is already created for you. This will allow any changes made by middleware to continue to work correctly.
Response.Cookies.Append(...);"
Refer to the docs here.