httpClient async request and sessions

Using httpClient for check if a session is active or not always returns null, I tested on js making an async request with the WithCredential:true clausule and works as expected returning true when the session is active or false when is not.

I already did the cors configuration (on js it works), this it is:

string[] origins = new string[2] { "http://subscripciones:8080", "http://localhost:5000" };
        services.AddCors(options =>
        {
            options.AddPolicy("AllowMyOrigin",
            builder => builder.WithOrigins(origins)
                              .AllowAnyHeader()
                              .AllowAnyMethod()
                              .AllowCredentials());
        });

this it is my session config:

            services.AddDistributedMemoryCache();
        services.AddSession(options =>
        {
            // Set a short timeout for easy testing.
            options.IdleTimeout = TimeSpan.FromSeconds(60);
            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
            options.Cookie.HttpOnly = true;
            // Make the session cookie essential
            options.Cookie.IsEssential = true;
        });

//and app.UseSession(new SessionOptions() { Cookie = new CookieBuilder() { Name = ".AspNetCore.Session.ProduSSO" } });

this is my config for make async request throught httpclient:

       private readonly HttpClient clientSSO = new HttpClient(new HttpClientHandler
       {
         UseDefaultCredentials = true,
          ClientCertificateOptions = ClientCertificateOption.Automatic
       });
         var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, "http://localhost:5291/Security/IsSessionActive");
        httpRequestMessage.Headers.Add("Host", "localhost");
        httpRequestMessage.Headers.Add("Connection", "keep-alive");
        httpRequestMessage.Headers.Add("Pragma", "no-cache");
        httpRequestMessage.Headers.Add("Cache-Control", "no-cache");
        httpRequestMessage.Headers.Add("Access-Control-Request-Method", "GET");
        httpRequestMessage.Headers.Add("Origin", "http://localhost:5000");
        httpRequestMessage.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36");
        httpRequestMessage.Headers.Add("Access-Control-Request-Headers", "authorization");
        httpRequestMessage.Headers.Add("Accept", "*/*");
        httpRequestMessage.Headers.Add("Sec-Fetch-Site", "cross-site");
        httpRequestMessage.Headers.Add("Sec-Fetch-Mode", "cors");
        httpRequestMessage.Headers.Add("Referer", "http://locahost:5000/");
        httpRequestMessage.Headers.Add("Accept-Encoding", "gzip, deflate, br");
        httpRequestMessage.Headers.Add("Accept-Language", "es-ES,es;q=0.9,en;q=0.8,pt;q=0.7");
        httpRequestMessage.Headers.Add("Authorization", "Bearer 1Q7zkOL59cRqWBkQ12ZiGVW2DBL");

        using (var response = await this.clientSSO.SendAsync(httpRequestMessage))
        {
            if (response.StatusCode == HttpStatusCode.OK)
            {
                var result = response.StatusCode == HttpStatusCode.OK ? await response.Content.ReadAsStringAsync() : String.Empty; // always false

            }
        }