DEV Community

Discussion on: What is really the difference between Cookie, Session and Tokens that nobody is talking about ?.

ssimontis profile image
Scott Simontis

ASP.NET's legacy Forms Authentication used to allow using a SQL Server database for session storage, but I believe ASP.NET Core favors in-memory engines, although you are technically free to implement whatever you want if you implement the proper interfaces. For example, using Redis or memcached as a session store provider would alleviate the need for sticky sessions on a load balancer.