Recently in CodeSession I encountered the following logged warning:

No XML encryptor configured. Key {6848a46f-d0d6-49a6-b035-0f30f5448f9d} may be persisted to storage in unencrypted form.

This was totally new to me, so I started Googling. There I learned all about .NET Core’s Data Protection API.

After reading the MS docs, this was still confusing. The documentation states that this API is used for things like .NET Authorization, but CodeSession doesn’t use that functionality. So why was this happening?