Auth clients now use localStorage-based token headers instead of cookie
credentials. This provides cross-origin compatibility and clearer auth flow.
- analytics-client: Remove credentials: include from fetch calls
- sso-client: Add getAuthHeaders() helper for MFA components
- SSOClient core: Remove redundant credentials, keep Authorization headers
- Updated tests to match new header-based auth expectations
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>