you will be using the token-based approach. The cookie-based approach is a bit easier to set up, but it is inflexible. With tokens, you can come up with clever ways to authenticate the user and provide a more seamless experience. Tokens also ease debugging and troubleshooting, since the token is all you need to interact with the API, and they let a mobile app access the API in the same way. They help with performance too, since the token is validated using an algorithm rather than a database hit on every request.
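The last point, validating a token with an algorithm instead of a database lookup, is sketched below as an added example that is not code from the original tutorial. It assumes an HS256-style signed token, since the page does not name a token format; `SECRET`, `issue_token` and `verify_token` are hypothetical names.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # assumption: HMAC key known only to the API

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(user_id: str, ttl: int, now: int) -> str:
    """Build header.claims.signature; `now` is passed in so tests are deterministic."""
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64e(json.dumps({"sub": user_id, "exp": now + ttl}).encode())
    return f"{header}.{claims}.{b64e(sign(f'{header}.{claims}'))}"

def verify_token(token: str, now: int):
    """Return the claims if the token is authentic and unexpired, else None.
    Only the key and the token are used: no session store or database."""
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
        # Pin the algorithm server-side instead of trusting the token's header.
        if json.loads(b64d(header_b64)).get("alg") != "HS256":
            return None
        expected = sign(f"{header_b64}.{claims_b64}")
        # Constant-time comparison avoids leaking signature bytes via timing.
        if not hmac.compare_digest(expected, b64d(sig_b64)):
            return None
        claims = json.loads(b64d(claims_b64))
        if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
            return None
        return claims
    except (ValueError, TypeError, AttributeError):
        return None  # malformed structure, base64 or JSON

if __name__ == "__main__":
    now = 1_700_000_000  # constructed timestamp
    token = issue_token("alice", ttl=300, now=now)
    print(verify_token(token, now))        # claims for alice
    print(verify_token(token, now + 600))  # None: expired
```

Because nothing is looked up, a token stays valid until `exp` passes, so keep lifetimes short or pair this check with a revocation list.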