Am I incorrect to assume that using a session to authenticate an api is I am working on an app that has a login 19 comments; share; save..