Symptom
You try to perform a PATCH request in Visual Studio against the OData standard API, but you receive an error even though the token was fetched successfully in the GET request.
Error: 403 (Forbidden)
Environment
SAP Cloud for Customer
Cause
For POST, PATCH, and DELETE operations, passing the x-csrf-token alone is not sufficient. Along with the x-csrf-token, you must also pass the cookie that the server returned in the previous GET call, the same call that returned the x-csrf-token. Once the correct cookie value is passed, the request should work.
Resolution
In the Request Header of the POST, PATCH and DELETE call, you should pass the following:
- x-csrf-token = <value returned by the server>
- cookie = <value returned by the server>
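The fetch-then-modify sequence above, as an added Python example that is not SAP's code: it runs against a local stub server built here to mimic the behaviour described (a token bound to the session cookie), and shows the 403 without the cookie next to the successful call with it. The stub, the `DEMO_SESSION` cookie name and the `/odata/DemoCollection` path are constructed for the demonstration; the `x-csrf-token: fetch` request header on the GET is the usual SAP OData convention for requesting a token.

```python
import http.server, secrets, threading, urllib.error, urllib.request
SESSIONS = {}  # constructed stub state: session id -> CSRF token issued with it
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # bypass proxies for loopback

class StubOData(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in for the service: a token is only valid with its session cookie."""
    def log_message(self, *args): pass  # keep the demo quiet
    def _reply(self, code, headers=()):
        self.send_response(code)
        for name, value in headers:
            self.send_header(name, value)
        self.send_header("Content-Length", "0")
        self.end_headers()
    def do_GET(self):
        if self.headers.get("x-csrf-token", "").lower() != "fetch":
            return self._reply(200)
        sid, token = secrets.token_hex(8), secrets.token_hex(16)
        SESSIONS[sid] = token  # the token is tied to this session
        self._reply(200, [("x-csrf-token", token), ("Set-Cookie", f"DEMO_SESSION={sid}; Path=/; HttpOnly")])
    def do_PATCH(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        sid = self.headers.get("Cookie", "").partition("DEMO_SESSION=")[2].split(";")[0]
        valid = bool(sid) and SESSIONS.get(sid) == self.headers.get("x-csrf-token")
        self._reply(204 if valid else 403)  # no matching session cookie -> 403

def fetch_token(url):  # returns (token, cookie header value) from the GET response
    req = urllib.request.Request(url, headers={"x-csrf-token": "fetch"})
    with OPENER.open(req) as resp:
        cookies = "; ".join(c.split(";")[0] for c in resp.headers.get_all("Set-Cookie") or [])
        return resp.headers["x-csrf-token"], cookies

def patch(url, token, cookie=None):  # returns the HTTP status code of the PATCH
    headers = {"x-csrf-token": token, "Content-Type": "application/json",
               **({"Cookie": cookie} if cookie else {})}
    req = urllib.request.Request(url, data=b'{"Name": "demo"}', headers=headers, method="PATCH")
    try:
        with OPENER.open(req) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def demo():
    server = http.server.HTTPServer(("127.0.0.1", 0), StubOData)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = f"http://127.0.0.1:{server.server_port}/odata/DemoCollection"
    token, cookie = fetch_token(url)
    statuses = (patch(url, token), patch(url, token, cookie))  # token only, then token + cookie
    server.shutdown()
    server.server_close()
    return statuses
```

In a real client the same effect comes from reusing one HTTP session (cookie container) for the GET and the modifying call, so the cookie travels with the token automatically.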
Keywords
OData request, external system, error, CSRF token validation failed, token sent, KBA, AP-RC-ODF, OData framework (C4C Only), Problem