Auth0 Home Blog Docs

How does Auth0 server manage Auth0 sessions?

Hello,

Generally speaking in web-apps, front-end maintains a session ID in the cookie so as long as those cookie is sent to the back-end and is a valid session ID, user don’t have to login again. This means that if a user deletes all their cookies, then user is required to re-authenticate.

However, in Auth0, this doesn’t seem to be true since I’m not require to re-login even after all cookies are purged. Sessions are alive unless I explicitly call logout API.

How does Auth0 manage sessions in the back-end? (Is it some kind of IP/Mac address mapping with browser ID?)

Thanks in advance.