Cookies are not recommended in a native mobile app - Capacitor iOS / Cookie Authentication / capacitor/http - #10 by dallas
See my post over here about storing an auth token - Best way to store Bearer token from API? - #2 by twestrick
Since my post, an open source secure storage Capacitor plugin has been created - GitHub - aparajita/capacitor-secure-storage: Secure, flexible storage for Capacitor apps using iOS Keychain and Android Keystore.. This is probably the best option outside of Ionic’s first party packages that require a subscription.