default authorization header (cloudflare#21828)

Author: patriciasantaana

src/content/partials/api-shield/session-identifiers.mdx

@@ -10,3 +10,5 @@ While not strictly required, it is recommended that you configure your <Glossary
 If you are unsure of the session identifiers that your API uses, consult with your development team.
 
 Session identifiers should uniquely identify API clients. A common session identifier for API traffic is the `Authorization` header. When a [JSON Web Token (JWT)](/api-shield/security/jwt-validation/) is used by the API for client authentication, its value may change over time. You can use a claim value inside the JWT such as `sub` or `email` as a session ID to uniquely identify the session over time.
+
+If your API uses the `Authorization` header on more than 1% of successful requests to your zone, Cloudflare will automatically set it as the API Shield session identifier.