POST Call, with a csrf token produces 403 Error
-
Roman MoraruHas successfully completed the online course Basics (100)2 years ago #34481
Hello,
i would like to create a new entry in a database, hence i do have a connector call (POST) that does look something like this (see picture),
the BO Function that is supposed to send the call, consists of.
1. Via a GET-Call, get the x-csrf-Token
2. Send to the POST-Call (see picture), the csrfToken(x-csrf-Token) and the oEntry (postBody)
Error: “The Http request was not successful due to the client error: [403: Forbidden – The request was a legal request, but the server is refusing to respond to it.] Response: CSRF token validation failed”
Question: How to do a POST Call with a csrf-Token ?
Attachments:
You must be logged in to view attached files.Jennifer HäfnerHas successfully completed the online course Intermediate (200)Has successfully completed the online course Advanced (300)Has successfully completed the online course Basics (100)Has successfully completed the online course Advanced (310)Has successfully completed the online course Advanced (320)Has successfully completed the Intermediate CertificationHas successfully completed the Advanced Certification2 years ago #34489::Okay. And you have configured the Simplifier Connector call with the exact same parameters that you are using in the working Postman version?
You can try to execute both Connector calls (the GET request to get the token and POST request) inside an Server-Side Business Object function. So first, execute the GET request and store the token in a variable. Then, use this variable as the token parameter in the POST request. This way, both requests are executed right after another and therefore, the token should not be expired.
Jennifer HäfnerHas successfully completed the online course Intermediate (200)Has successfully completed the online course Advanced (300)Has successfully completed the online course Basics (100)Has successfully completed the online course Advanced (310)Has successfully completed the online course Advanced (320)Has successfully completed the Intermediate CertificationHas successfully completed the Advanced Certification2 years ago #34485::Hi Roman,
the response from the REST service indicates that the CSRF token that you included in the POST call is not valid. This means that the CSRF token is either expired or malformed, or the REST service cannot find it because it needs to be sent via a different parameter name.
However, debugging this issue highly depends on the REST service that you are communicating with. If the REST service is a private service managed by your company, you could ask a colleague that has access to the service to help you debug this issue.
Or, you could use another REST client (like Postman) to execute the POST call and check if you get the same response from the REST service.
Roman MoraruHas successfully completed the online course Basics (100)Roman MoraruHas successfully completed the online course Basics (100)2 years ago #34498
You must be logged in to reply to this topic.