top | item 25521972

(no title)

I agree the article is confusing wrt state.

Basic Auth is stateless on the client side but not on the server side.

Token auth is stateless on server side; it does not need to store any more public/private key pairs as the number of authenticating users increases. It can just use one. So authenticating users does not affect state

discuss

combatentropy|5 years ago

> it does not need to store any more public/private key pairs as the number of authenticating users increases

That's a good point. Thank you