Apologies if this is a very basic question, but i'm a bit new to the world of auth. I'm trying to better understand how Identity works. I know that there are 2 kinds of typical authentication forms we see out in the wild: Cookie/Session Based, and Token Based. My question is, when I create a new MVC Core Application and select Individual User Accounts, under the hood, is Identity creating a session for my user after he logs in (setting a browser cookie with a session id in it for example)? Alternatively, is identity generating a token, server side, and passing it to the browser to store? Just trying to get my head around this.