I am a beginner in Auth0 and would like to interact with Auth0 as an authorization server using the OAuth2.0 method.
If I put an access token in a cookie to interact with an authorization server, is there a need for a session?
(By default, access tokens are placed in in-memory.)
I am learning about session-based authentication and token-based authentication, and I realize that token-based authentication does not require session management, which is different from the expiration of the session on the authorization server.
I would appreciate if you could answer.