session - maduvena/jans-docs GitHub Wiki
Session state = cryptographic hash of Client ID, origin URL, and OP User Agent state
sid = is public identifier of session_id
because we don’t want to expose session_id except very explicit cases, instead we should use sid, e.g. explicit passing in logout uri or claim in id_token