06-23-2023, 05:35 AM
(This post was last modified: 06-23-2023, 05:37 AM by Alexandre Machado.)
You just need to point them the token.
You will find it right at the bottom of the generated HTML, something like this:
<input name="IW_FormID_" type="hidden" value="namtCysYXuYT~1HeQ3a8a5J-h9C"></form>
A wrong value of this field will cause IW server to reject the request.
The value is per session and instance. Two instances of the form will always have different values regardless of the session, so one user can't impersonate another user even if they have the other user session ID
You will find it right at the bottom of the generated HTML, something like this:
<input name="IW_FormID_" type="hidden" value="namtCysYXuYT~1HeQ3a8a5J-h9C"></form>
A wrong value of this field will cause IW server to reject the request.
The value is per session and instance. Two instances of the form will always have different values regardless of the session, so one user can't impersonate another user even if they have the other user session ID