I have an API where I am passing the session id back and forth between calls. I set up the session like so:

// start API session
session_name('apikey');
session_id($data['apikey']); // required to link session
session_start();

Although I named my session and am passing the session id via GET and POST using the name, PHP does not automatically resume that session. It always creates a new one unless I set the explicitly set the session id.

I found some old user comments on www.php.net that said unless the session id is the first parameter PHP won't set it automatically. This seems odd, but even when I call tried it still didn't work: rest_services.php?apikey=sdr6d3subaofcav53cpf71j4v3&q=testing

I have used PHP for years, but am a little confused on why I needed to explicitly set the session with session_id() when I am naming the session and passing it's key accordingly.

UPDATE

It seems I wasn't clear. My question is why is setting the session ID with session_id() required when I am passing the id, using the session name apikey, via $_GET or $_POST. Theoretically this is no different than PHP's SID when cookies are disabled. But for me it doesn't work unless I explicitly set the session ID. Why?