Client validation is a vital part of almost every enterprise application and should be considered basic training.
Sessions are at the time of writing this document the most common way to login a user to a application and allow them access to private pages.
JWT is at the time of writing this document a popular way to allow stateless validation for a client connecting to a server.
OAuth is at the time of writing this document a popular way to let users provide access to information provided by a provider to a third party application.