How to use iframe authentication for logging in a specific user?

My web app uses Rocket Chat in an iframe. Users would create accounts and login via our web app. Our web app will turn around to create a Rocket Chat account for that user. I have iframe authentication enabled.

My question is that when Rocket Chat sends a request to API URL, my web app needs to know who’s the currently logged-in user. For example, is there a way to pass the web app’s user token in the request to API URL?