You can do that…

probably the easiest way would be to create a temporary token on the front end.