In case Authentication is enabled for SOAP/REST Service rule, could you please clarify below points.

1. Once a new request is arrived, requester fetched from service requester pool (based on availability or creates new) and performs authentication? or requester is pooled/created after service authentication is successful.

2. Is authenticated requester returned to the service pool once the job is done, or it get deleted and new requester gets created for a new service request.

3. With respective to requester, how does the system act in case of stateful authenticated service, does it maintain an authenticated requester pool?

4. In the case of stateful service, do we need to carry the requester id in request and response message? also do we need to include logic in service activity to identify the specific session based on requester id or it get managed internally.

Thank you in advance.

***Edited by Moderator: Pallavi to update platform capability tags***