Identity Manager Community

Forum Angular Development - API Server doesn't accept requests because of a missing XSRF Token

State Verified Answer
Replies 12 replies
Subscribers 99 subscribers
Views 2125 views
Users 0 members are here

Options

Related

Angular Development - API Server doesn't accept requests because of a missing XSRF Token

ivo burkatzki over 1 year ago

Hello everyone,

so i set up a angular development projekt using a local API server.

The API Server doesn't accept Requests because of a missing XSRF Token.

When I look into the Development Tools, it tells me that the browser doesn't accept incomming cookies because of a mismatched domain.

Which is understandable since the cooke is sent with /APIServer as Path while the API Server runs locally under http://localhost:8182

(hence no XSRF Token set on the browser, hence no XSRF Token sent back)

How do I fix this issue?

Greetings

Ivo Burkatzki

Top Replies

rodney rosenda_67072 over 1 year ago +1

In development you could login with the following query parameter noxsrf (http://localhost:8182/imx/login/mycustomapi?noxsrf=true).

Regards,

Rodney

Parents

+1 ivo burkatzki over 1 year ago

Hello Everyone,

sorry for not answering, i didn't even realise that the thread was active. The moderation policy had me confused.

I solved this problem by disabling CSRF protection in my development environment. API-Server-> Admin-Portal-> Configuration -> Category: IMX -> Globally disable CSRF protection tokens
Cancel
Up 0 Down

Reply

Reject Answer

Cancel

Reply

+1 ivo burkatzki over 1 year ago

Hello Everyone,

sorry for not answering, i didn't even realise that the thread was active. The moderation policy had me confused.

I solved this problem by disabling CSRF protection in my development environment. API-Server-> Admin-Portal-> Configuration -> Category: IMX -> Globally disable CSRF protection tokens
Cancel
Up 0 Down

Reply

Reject Answer

Cancel

Children

0 identitymanager-support over 1 year ago in reply to ivo burkatzki

Hi Ivo,

thanks for the answer - short question - what to do if this setting is not saved?
We have saved it locally and globally - but this value is not saved.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 ivo burkatzki over 1 year ago in reply to identitymanager-support

Hi,

if you save it locally it should be changed till the server is restarted. If you change it globally, it should change a configuration-file and save the change for all servers. If it doesn't, there maybe a problem with file permissions or a more general bug.

We had a problem with saving changes in the Admin Portal and reported a bug. But that only concerned lists, like which fields to display for editing persons.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel