When a user want to edit or preview a file for example, it access an url on your app. This URL will always be completed with a token
allowing you to verify the user identity.
POST api/v1/core/token
Request
{
"token": ""
}
Response
{
"workspace_id": "",
"group_id": "",
"user_id": "",
"app_id": ""
}
You MUST verify this token because if you dont, anybody can access the data provided by your app.