Sessions
user., 2019-02-18 01:22:15

What does the term authorization token mean?

Good evening,
I apologize in advance if the question sounds strange, but the concept of an authorization token comes up often on the Internet, and absolutely no details are given; I am talking about a software token. Let me give an example: the user logs in through a CGI (py/php/java...) application and gets his session. In this case, is the session number a synonym for the authorization token?


2 answers
luna3956, 2019-02-18
@luna3956

then in this case the session number is a synonym for the authorization token?

In general terms, yes, but it's different. In a nutshell, we are talking about different authentication methods: cookie-based and token-based (most often a JWT token is meant, so google that for details).
In the first case (cookie-based), in general terms, the following happens: after the user sends his data (login and password), a session ID is created on the server; this ID is written to the database and placed in the user's browser cookies. Then, each time the user accesses the server, the session ID from the cookie is checked against the session ID in the database; if they match, everything is OK.
In the second case (token-based), the following happens: the user sends a login and password, and if everything is fine, the server returns a signed JWT token in response. On the client, this token is stored somewhere (for example, in a local database), after which this same JWT token is added to each request sent by the client. The server decodes the received token and, if everything is OK, the request is processed. I note that in this case you can also store the JWT token in the same cookies and take it from there for verification; that is no longer important.
The methods are similar, but still different. In the first case there is so-called state: both the server and the client must store the session ID, the server monitors/maintains these sessions in the database, etc. In the case of the JWT token, we essentially get rid of the concept of state: the server does not care who logged in, with which token, etc. That is, in this case the token is self-sufficient, and apart from this token the server needs nothing else to determine whether everything is OK or not.
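
The two flows described in this answer, side by side, as an added example (not code from the answer or from any library): a stateful server-side session store, where validation is a lookup, versus a self-contained HMAC-signed JWT-style token, where validation needs only the signing key. The secret key, the in-memory "database" and the one-hour lifetimes are constructed placeholders.

```python
import base64, hashlib, hmac, json, secrets, time

# --- Stateful: server-side session store (the cookie-based flow) ---
SESSIONS = {}  # constructed stand-in for the server's session database

def create_session(user):
    sid = secrets.token_urlsafe(32)  # random, unguessable id that goes into the cookie
    SESSIONS[sid] = {"user": user, "exp": time.time() + 3600}
    return sid

def check_session(sid):
    """Every request needs a store lookup; the id itself carries no meaning."""
    s = SESSIONS.get(sid)
    if s is None or s["exp"] < time.time():
        return None
    return s["user"]

# --- Stateless: self-contained signed token (JWT-style, HS256) ---
KEY = b"constructed-server-secret"  # placeholder; a real server loads this from config

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def issue_token(user, ttl=3600):
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"sub": user, "exp": int(time.time()) + ttl}).encode())
    sig = _b64(hmac.new(KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest())
    return f"{header}.{payload}.{sig}"

def verify_token(token):
    """No store lookup: the signature and the claims inside the token decide."""
    try:
        header, payload, sig = token.split(".")
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return None  # only accept the algorithm we sign with
        expected = hmac.new(KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(_unb64(sig), expected):
            return None  # payload or signature was altered
        claims = json.loads(_unb64(payload))
    except ValueError:  # wrong part count, bad base64 or bad JSON
        return None
    if claims.get("exp", 0) < time.time():
        return None  # expired; without state, expiry is the server's only cutoff
    return claims.get("sub")
```

The session id is worthless without the store, while the token is checked with nothing but the key; this is also why a session can be revoked by deleting its row, whereas an issued token stays valid until `exp`.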

Alexander, 2019-02-18
@NeiroNx

Session lifetime is shorter and not adjustable.
