HACk using POST Request

Hi there,
I’m new in this field.
I just found a website, where USER1 requests the access to edit his file from USER2 on that website.
And when USER2 login to its dashboard and click on allow access, USER1 gets the access.
I’m USER1 here and. I somehow can access DASHBOARD of USER2 by manipulating the url, now when I click allow access. It’s not working. How can I allow the access without logging into USER2 account.