Since traditional https://username:password@version_2_api calls (API v1 style) are still possible in API v2, what is the advantage of creating a session_id? In order to create a session id, one must still include their username & password in the API call. This all may be moot since the traffic is encrypted (https). Do session id calls not affect API call limits?
What advantage does using a session_id (which expires) over the traditional credential login (username:password@..)?