HTTP is called as a Stateless Protocol. But when we create the session in the PHP, server sends the session ID to the browser using the Set-Cookie header. So in the next API call retrieves session information from the server. So its means it can get the session information from the previous API call.
Stateless means that the server does not store information about the client in between requests. Cookies, in the case of HTTP, are a way to keep HTTP stateless, but work around this restriction elegantly. The server does not need to store anything, and the client needs to send the cookies on every request in order to make the server know about certain aspects of the client (for example which token to use with an CIAM system).
A session is not the same as a state.
The reason it is stateless is because you don't keep a constant connection to the server, but you send a request and get a response. Then the communication ends (simplified).
If you take a protocol like SSH or FTP, it can be in a state of connected, because it keeps up the connection. If something interfere with the connection (ie you lose WiFi) the state is broken, where in HTTP you can be disconnected and reconnected and the server will never know.
The session is a short term reference to your session, but it's not a state. Sure if you go into the details, the server (but this is not a part of the HTTP protocol) will have open and closed sessions which might be seen as states.
Purvi Barot
Software Engineer
HTTP is called as a stateless protocol because each command requested is executed independently, without any knowledge of the request that was executed before it. It is the protocol used for the web. It is based on request/response paradigm.
In this protocol the communication generally takes place over TCP/IP protocol.