When you use the bronID White-label Forms, the links that bronID generates are called signed URLs. A signed URL is a URL that provides limited permissions and expires after a certain amount of time (30 days). Signed URLs contain authentication information in their query string. This is a security feature that significantly reduces the probability the White-label Form URLs to be brute-forced or guessed. A signed link can only be created from an account that has the bronID credentials. The White-label URL will expire after 30 days or 10 attempts to access (view) the Form.
To avoid your customers accessing an expired signed URL, you must unlock the Form when your customer is ready to submit the verification. A good way to do this is when your customer clicks on the "Verify ID" button on your platform. You should then execute the unlock API call and redirect them to the resulting link.
You can also manually unlock the Form via the bronID Portal. To do this, go to bronID Portal > KYC > Results > Organisation and click on the row with the organisation's name. In the right side slider, you can see the generated link. Click Unlock to unlock the URL. Note, that this URL will be valid for 30 minutes and 3 attempts to access (view) the Form.