Forum OpenACS Q&A: Response to Allowing online services access to password-restricted pages?

Perhaps a login token that appears in the URL that you pass to and times out after a certain period would be a
sufficient solution.  You'd probably have to hack the security
functions to accept the token for login.