While going through the Webservice API documentation, can see that some of these APIs need authentication which can be done either by token or username/password.
Want to know if these APIs create any session? Can see MoodleSession as one of the cookies. But don't see these cookies ever been used in webservice APIs example ( mod_scorm_get_scorm_attempt_count, mod_scorm_insert_scorm_tracks).
Should these APIs be considered as sessionless APIs?