Hello,
I'm writing a program that executes some code, based on a Post request send by a trigger in Rollbase. But I want to verify that the post request is send by a valid user that is logged in. To do this, I'm thinking about checking the sessionId. I want to send the sessionId with the postrequest, withing the XML body. Using an EVAL[] block, I tried {!#SESSION_ID}, but this returns NULL. Why is this, and how can I solve this? Or is there a better way of checking the post request came from a logged in user?
Kind regards,
Hi Martin,
The {!SESSION_ID} token only seem to work client-side. If you do get a sessionId, how will you check the validity of the sessionId from your code? Are you sending the POST request to Rollbase web service?
Regards,
Godfrey
The only time a POST request will not have a user context is when it is called from Batch Job or Delayed Trigger. Is this what you want to differentiate ?
You can use current user and current visitor token as well..