on 09-11-2020 11:49 AM
Hi Experts,
Need your valuable inputs on below queries.
If we trigger from postman is that mandatory to call GET and then POST method?
if we call GET method then only we are getting Token,Is that CSRF Token is constant or will it change for every call?
CSRF token will it configure in gateway level or front-end an how to configure?
My service is for POST call , do we need to implement GET as well or only POST call is enough?
Depending on where you are sending the call from (network) you may not need to do a GET. The CSRF token changes and therefore you need to retrieve it firs. The POST/PUT/DELETE methods require the token because these methods will change data in the backend and therefore the token is used to authenticate the request and prevent unauthorized requests from changing data. if you retrieve a token you use it a few times until it expires
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you Sergio Guerrero for quick response,
How this will be achieved CSRF token, Front end team will configure or from back-end do i need to do anything?
User | Count |
---|---|
70 | |
8 | |
8 | |
6 | |
6 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.