I add { withCredential : true } to my request. You was correct my application works wrong and do not send Cookie to server. Now auth goes wrong with CORS error on my endpopint.