Session

unauthenticated: the user has not logged in
authenticated: the user has logged in successfully with a specific identity
complete: the user logged out
revoked: the session was cut short, either using the Admin UI or the API.

Similar to a device, but shorter lived, and linked to the authentication status. A session can be:

Once a session is finished, when the user returns they will be assigned a new session.

Session identifiers are not shared between pools — a user will receive a separate session identifier for each pool they access.