Skip to Content
Apr 26, 2021 at 10:40 PM

BTP Workflow: Getting xsrf-token fails (403 Forbidden)

666 Views Last edit Apr 26, 2021 at 10:40 PM 2 rev

Hi experts,

I'm trying to configure Document Centric Approval Process using SAP Workflow Management scenario in my trial account.

When I start the workflow from the UI, it throws an error. The error was caused by xsrf-token fetch request to the workflow runtime.

I tried to execute the same request from Postman and the result was 403 Forbidden error.

I can execute /v1/task-instances request successfully, so I can say the url and OAuth token are valid. (I'm using OAuth 2.0 authentication)

From above error, I suspect that the workflow service instance is lacking a scope necessary for fetching xsrf-token.

Could someone guide me with which scope I should provide or any other way to make xsrf-token request succeed.

I couldn't find /xsrf-token endpoint in API Business Hub.

Best Regards,