Vulnerability in EPiServer.Forms
I have created an order discount with coupon code in episerver commerce marketing. I can set a maximum number of times that one customer can redeem a discount on Customer field when creating a discount. But If I set this limit, the discount is not available to anonymous users. (http://webhelp.episerver.com/latest/commerce/marketing/discounts.htm, Applying redemption limits) I couldn't find any information on episerver webhelp site.
How shall I do to apply redemption limit using coupon code for both logged in user and anonymous user? Any tips?
You probably want to set the redemption limit to Order Form instead of per user.
I don't think a restriction to per user makes senses in this case. An user can simply log out to work around it
Do you know if is possible to set the redemption limit on anonymous user? In episerver markering or in code?
No, there is no way to do it. How would you identify an anonymous user, when they can simply open new tab in incognito mode?
Ok, thanks Quan!