SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hi, if my server updates the session content when the frontend receives this updated content?
Does the request that updates the session content return the updated cookie?

If you update the session content of the session that you verified, then the frontend gets the update immediately

If you update the session content in offline mode (using a sessionHandle), the frontend gets the update when it does session refresh (by default every 1 hour)

If you want the frontend to always get the update as soon as possible, then you can enable access token blacklisting feature in the core. The downside to this is that every session verification will query the core

Imagine a scenario where the frontend is consuming the backend SDK by API.
If the session content is changed in the request, is the token with the updated content returned in the Set-Cookie header?

Yes. And also via a custom header called “Front-Token”