Websites with user accounts typically implement an authentication mechanism to identify returning
users. Post-authentication, a session will often be established. The server and browser will
exchange a session ID so the server knows which user the browser is representing with each HTTP
request.