BAD CSRF on creating new topic via API

Andrew_Nickolas · 2018-06-07 08:30:36 UTC

I’m trying to create topics dynamically via API, but receive a ‘BAD CSRF’ response.

This is how my Postman request looks like:

POST http://forums.{my_site}/posts.json
The body is: { 'title': 'New topic', 'raw': 'Test topic', 'category': '13', 'api_key': <my_api_key>, 'api_username': <my_admin_api_username> }.

I’ve also tried to run the ruby rake task using Net::HTTP as a client with the parameters above and it didn’t work. Similar topics didn’t help.

karltaylor · 2018-08-29 12:13:51 UTC

I’ve also got this error.

My requests work fine in postman, but when I try and use fetch() I get ‘BAD_CSRF’

zogstrip · 2018-08-29 12:42:10 UTC

Did you try using https instead of http?

blake · 2018-08-29 15:26:21 UTC

Could you verify what your content-type is set to in Postman and fetch()?. If it is set to application/json instead of multipart/form-data or application/x-www-form-urlencoded that could be the cause.