Traditionally, authentication or simple authentication works in a session-centric way. A client that is requesting resources from the server tries to prove that it is the right consumer for any given resource. The flow starts like this. A client sends an authentication request to the server using user credentials. The server takes those credentials and matches them with the credentials stored on the server. If a match is successful, it writes something called a cookie in the response. This cookie is a small piece of information that is transferred to and from subsequent requests. The modern user interfaces (UI) of websites are single-page applications (SPAs). There, the static web assets like HTML, JS are served from a CDN to render the web page initially. From next time, the communication between the web page and application server happens only through REST API/Web services.
A session is a nice way to record the user communication in a given period of time. The session...