I am building a RESTful API with OpenEdge. I am wondering what is the best way to handle authentication of API calls? The API will be called by WEB and Mobile applications. In other technologies there are used different authentication tokens, for example JWT (Json Web Token). Does Progress offer something similar? Or should I just look into the OE Realm?

As far as I know, the OE Realm is not RESTful (stateless) since it creates and handles sessions. Am I correct on this?

Best regards,