There is no perfect answer for security as software comes in so many different forms. Personally I like JWT for API authentication as it is easy to use with both web and mobile applications as generally you wouldn't want to be using cookies for your mobile application.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
There is no perfect answer for security as software comes in so many different forms. Personally I like JWT for API authentication as it is easy to use with both web and mobile applications as generally you wouldn't want to be using cookies for your mobile application.