UIM utilizes JSON Web Tokens (JWT) for session management and authentication. When a user logs in, a JWT is issued.  Subsequent requests from the user will include this token for authentication and authorization. This token has an expiry time that will be set based on the configuration.

Once authenticated, the JWT token, which contains the user ID along with the other information, will be stored in the browser's cookie called JWTTOKEN. (The screenshots were taken from Chrome browser)

If you decode this token, the key JWT_USER_NAME_CLAIM contains the user ID. Browser agents can read the JWT token, decode it, and retrieve the user ID for external purposes.