We are building a bunch of rest based services using Ens 2016.2 to serve our browser based application (Angular 4).
1. The initial authentication seems only work if credentials are placed in the url parameters. Trying to use the Authorization header instead, the client code immediately complains about Access-Control-Allow-
2. After initial authentication, what is the proper way to send subsequent rest calls without having to include credential every time?