I have noticed that if I take out token param gak=lalala from
https://na2.connectnow.acrobat.com/app/session?instance=instanse-string/myroom it still returns session-secret
but if I run full url with token in my other browser for
example opera I get "This meeting ... error "
does that mean 1st login must be initiated for that browser
prior to obtaining session-secret and also authtoken is not needed
to obtain session-secret?
it could be that you had a valid session cookie (for your
developer account) we were able to fullfill the request without
extra authentication parameter.
For sure we do make sure that you are authenticated (and the
account owner) for the session request, but I don't really care if
the authentication comes from a token or a cookie.
BTW, we don't rely entirely on cookies for authentication
because depending on browser and operating system they have erratic
behaviour in Flash (i.e. cookies are not shared between HTTP
requests and FileReference upload/download) so we use
authentication token (passed on every request ):) that is the only
way that works everywhere.