Use bearer tokens instead of session cookies in API tests

[vgeorge]

We should look into next-auth documentation on how to use bearer tokens for API endpoints and update our API tests agent to use them, as suggested here by @kamicut .