Moqui session token

A question:
I am right when i am saying the moquiSessionToken is not used in the REST interface?

Hans at

I disabled providing session tokens when using the REST interface and everything still working ok…

so to answer the question myself: no it is not used.

however should it be used?

If I recall correctly, the moquiSessionToken is for POST events to prevent xss POST in client side js.

1 Like

at the moment i do not provide a moquiSessionToken when accessing via the REST interface, and it is not giving me an error, so my understanding the moquiSessionToken is not used here?