SAP Knowledge Base Article - Preview

2751277 - How to disable the CSRF Token protection of an OData V2 service in SAP Gateway


In order to conveniently test an OData service it is needed to turn off its CSRF Token protection. How to achieve that?

Warning: the deactivation of the CSRF Token protection is not recommended in any kind of system, and not supported in a Production system, because of security reasons (see details below in Cause section). Turn it off only in QA, DEV or Test systems when it's really needed, but don't turn it off in a Production system. Also, the below approach is only applicable to OData V2 services. In OData V4 it is not possible to deactivate the CSRF Token protection (SAP Note 2322624).



SAP Gateway


SAP Gateway all versions


csrf, xsrf, token, security, switch, turn, switching, turning, disabled, disables, disabling, switches, turns, howto, how-to, way, method, gw, iwfnd, prod , KBA , OPU-GW-COR , Framework , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.