Skip to main content

Use stateless session tokens

Requirement#

The system should use securely generated, stateless session tokens that are validated using digital signatures instead of static API secrets.

References#