CSRF Token vs user's API key

Hi Team,
I am consuming Discourse’s rest APIs to list topics and create new topic or post,
in some APIs sometimes I am getting "BAD-csrf" error even if I am passing user’s API key.

can anyone please tell me that what are differences between User’s API key and CSRF-Token ?

Please share cURL examples of failing requests so we can help you.

1 Like