DEV Community


Discussion on: From Zero to Hero (▀̿Ĺ̯▀̿ ̿) in Authentication | Part 1

sarafian profile image
Alex Sarafian

That's why I tried to expand.

In real life it is not always to map this for various reasons.

But let's say you have an identity card and you give to a clerk in the town hall. Only card(token) validation happens. It is actually much more complicated because you are in context of federation. But I don't want to confuse you. In any case, authentication happened once when the card was issued. I'm referring to countries where the card is electronic.

Thread Thread
kushagra_mehta profile image
Kushagra Mehta Author

Yes, you explained it very well. Only the initial step is authentication after that everything is authorization till the ID gets expires. Session-ID stored in Cookie or JWT Token is just an authorization ID provided by the server which allows us to perform various functions on server resources. But on the initial steps, I have categorized stateful, stateless and everything else.