I hear that RESt API is stateless. This means that server application will not be able to differentiate among many calls to the same route.I have two questions with respect to this:
- Then every API call sent, must carry a valid credentials for authentication (given that the API is protected) ?
- Any web application which maintains states in the client side (example: an e-commerce app), can not be implemented using RESt API ?