Session A session is a connection that is time-delimited bidirectional high-level used for interactive expression or information exchange A session is typically stateful, and allows state to persist during multiple messages. Source Cookie Definition Token Definition Session-based authentication Typically, in session-based authentication, The session state is stored in the server. A session token is sent from the server as a cookie and stored in the client. The client can use the session token for authentication without explicitly logging in every time it requests the web page until the cookie expires.