I'm then using a WPF Desktop Application, that is using the API successfully. I'm now wiring up the Authentication side of things by using:
var response = serviceClient.Send<AuthResponse>(new Auth { UserName = "Test", Password = "TestPassword" });
On successful authentication I get a lovely 'response' packet back with the SessionId, Username and empty ResponseStatus.
I'm just not sure what to do next...
What do I do once the user has been authenticated by the api? Do I store the sessionId in Memory or a Database and then pass this with each request, validating the sessionId in each service?
All the examples are web based, so they have cookies and sessions, does this work in desktop clients as well?
What is the Best practice for Desktop client app?