When dealing with forms that include session cookies or anti-CSRF tokens, we can either grab these tokens directly in Intruder using the Recursive Grep function (within the Intruder module), or construct a macro in Project options → Sessions → Macros (necessary if there’s, for example, a random redirect to make our life harder).
Basically, macros just define repeated requests that we can make. Once a request is defined here, we can add an entry in Session Handling Rules and define the Scope of the macro (the tools it’s active in and the URL it applies to). Then in details we can trigger the macro. Generally you’ll want to restrict the URLs the macro applies to and what parameters/cookies get updated by the macro as much as possible.