cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Forbidden issue while making post call for XSJS service

Former Member

on ‎08-26-2017 12:19 AM

0 Kudos

Hi Team,

I did try making POST call for XSJS service, here request is failing with 403-forbidden issue, it is not the case with GET operation. Do we need any additional configuration for my service in order to enable post protocol?

FYI, am doing this through postman.

Please suggest. Thanks in advance.

Regards,

Nagaraju

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

pfefferf
Active Contributor
‎08-26-2017 5:52 AM

I assume that in your application access file (.xsaccess) the "prevent_xsrf" flag is set to true to secure your application against cross-site request-forgery attacks. In that case you need to determine a CSRF token before you do the post, to be able to pass the token in the post request header (as X-CSRF-Token).
For test reasons you can set the flag in the .xsaccess file to false, but in general it is not recommended to do that, especially if your services do write operations.

For details please check the documentation here.

Regards,
Florian

Show replies
Show replies
Ask a Question