BAD CSRF on creating new topic via API


(Andrew Nickolas) #1

I’m trying to create topics dynamically via API, but receive a ‘BAD CSRF’ response.

This is how my Postman request looks like:

POST http://forums.{my_site}/posts.json
The body is: { 'title': 'New topic', 'raw': 'Test topic', 'category': '13', 'api_key': <my_api_key>, 'api_username': <my_admin_api_username> }.

I’ve also tried to run the ruby rake task using Net::HTTP as a client with the parameters above and it didn’t work. Similar topics didn’t help.


(Karl) #2

I’ve also got this error.

My requests work fine in postman, but when I try and use fetch() I get ‘BAD_CSRF’


(Régis Hanol) #3

Did you try using https instead of http?


(Blake Erickson) #4

Could you verify what your content-type is set to in Postman and fetch()?. If it is set to application/json instead of multipart/form-data or application/x-www-form-urlencoded that could be the cause.