Hi everyone,
I am playing with Keycloak in order to protect my Node.js API.
Looking at the node connector, there are areas which I don't understand...
First and foremost, why does the connector create a SessionStore???
I mean, it makes perfect sense when it's a web application, but for a stateless API
(protected by a BearerToken), it sounds like overkill to think in terms of "session".
Directly related, I see a BearerStore, which I don't know how to use. Should I use
it as the store to protect an API?
Last but not least, and this is a broader question, how would you protect a GraphQL
schema?
FYI, a typical GraphQL API only has one endpoint. Authorization would be defined in
the data schema itself, using some @directives.
Thanks for the help,
Sincerely,
Olivier