I've seen a lot of articles that cover using
JWT Tokens
JWT Token
The way we do it here with Asp.Net, is our auth layer looks for either a cookie or an Authorization header. It pulls the token from either location. This article might be helpful:
http://auth0.com/blog/cookies-vs-tokens-definitive-guide
This takes some custom code, but its not too difficult really. Make your own AuthenticationHandler.
https://wildermuth.com/2017/08/19/Two-AuthorizationSchemes-in-ASP-NET-Core-2
That excellent article will guide you through every step of the process.