ASP.NET supports cookieless forms authentication out of the box. You can configure it through the cookieless attribute of the <forms /> tag in the <authentication /> section:
<authentication mode=”Forms”>The next table describes cookieless option possible settings in details:
<!– Detailed configuration options –>
If this configuration option is selected, cookies will not be used for authentication. Instead, the runtime encodes the forms authentication ticket into the request URL, and the infrastructure processes this specific portion of the URL for establishing the security context.