Is it safe to use a thing's unique id as url parameter?

I am working on an attendance system with NFC cards. Storing the member’s unique ID as a parameter in the url link.

( Assuming I have the privacy rule setup well, users without permission (login) will not be able to access the database.)
Wonder if this is safe to expose a thing’s unique ID?


As far as I’ve learned, the data you bring from the server to the browser is exposed and accessible through DevTools (F12)

Of course, only the information that is used is based on privacy laws.

In my opinion, using the unique ID in the URL will not be a problem, because you are only displaying it for the same user, and on the other hand, it is already exposed through DevTools.

1 Like

Should be fine to expose an ID so long as any sensitive data is protected by appropriate privacy rules