Perfect, thanks! So as I understand, we don’t necessarily need to use the sessionToken or cookies as long as we have other methods of validating communication between front-end and server. And the accessToken on the server will continue to work as expected?