What is the difference between a "session" and a "token" (e.g., JWT) for authentication?

Correct! Well done.

Incorrect.

The correct answer is A) Sessions typically store state on the server and reference it with an ID; tokens like JWTs carry the data themselves and can be verified without server-side storage

Correct Answer

Sessions typically store state on the server and reference it with an ID; tokens like JWTs carry the data themselves and can be verified without server-side storage

Explanation

Session-based auth stores state server-side (e.g., in Redis), while token-based auth (JWT) embeds claims in a signed token the client holds, enabling stateless verification across servers.

Previous All Questions Next

Progress

40/100

🏗️

Browse All System Design Questions

100 questions · beginner to advanced