I am trying accurately document the current authentication flow of our cloud only, and on-premise (AD FS) users when they attempt to access primarily SharePoint Online and MS Teams. Previously, I have seen this based on either SharePoint online detecting the presence of FedAuth and root Federation Auth (rtFA) cookies which can subsequently be requested from AAD .

Has this been largely superseded by Microsoft Identity Access Tokens? Are the access tokens relevant to the type of client / app and, or SSO set up? Essentially, I am trying to understand where the the cookies and the tokens fit in the current identity model.