Cookies are useful for browser applications, since they’re handled basically automatically with document.cookie.
However, HttpService is not a browser, and only sends the headers that you give it. If your web server sends you a Set-Cookie in its response, its completely up to you to store that cookie in your game server somewhere (either locally or in a DataStore or something), and manually adding that Cookie header to subsequent requests.
I agree, or just use JWT for both so your server is less complex and you can use the same auth method for both game-server clients and browser clients.
Here is a pretty good article about cookies vs. tokens/JWT for authentication.
Edit: tl;dr:
Not unless you tell it to 