I also ran into this issue after following Chris Talke’s Cookie setup docco ( How to put JWT's in server side cookies using the Strapi user-permissions plugin | Christopher Talke | Coffs Harbour based ICT Professional | talke.dev); this setting seems to have fixed it. I’m now getting the cookie in the headers when making a postman request.
It would be great to get ‘send auth as a cookie’ into the base version as an option. I assume I’ll need to patch around the cookie implementation whenever there is an upgrade (sry still new to Strapi - haven’t crossed the update bridge yet)