Behavior: Validates the provided authentication token and identifier against the stage system. The token is normally supplied by the calling system as the unique identifier of the experience, and the token is the temporary authentication credential for the user. Returns 404 if validation fails.

Authorization: Requires an authenticated user (class-level [Authorize]).

Side Effects: A stage session may be created or updated for the authenticated user.

Error Scenarios: Returns 401 if the user is not authenticated. Returns 404 if the token validation fails or the user cannot be found.