Hi, Any POST/PUT/PATCH/DELETE request you send to the DSpace backend **must** include a valid CSRF token. So, this means that if you are sending these requests from Postman, then you must also send a CSRF Token from Postman.
We have documentation on how CSRF tokens are generated & work in our REST API docs at https://github.com/DSpace/RestContract/blob/main/csrf-tokens.md Essentially, you will need to first obtain a CSRF token via an earlier request, and then send it back in any POST/PUT/PATCH/DELETE. Hopefully that helps! Tim On Tuesday, April 30, 2024 at 11:10:16 AM UTC-5 [email protected] wrote: > Hey to all, i m try to test with postman why my rest api are not working > with post commands. > > i have read this > https://wiki.lyrasis.org/display/DSDOC7x/Installing+DSpace#InstallingDSpace-%22403Forbidden%22errorwithamessagethatsays%22Accessisdenied.InvalidCSRFToken%22 > > All is correct for my front and backend > the cors origin have both urls > and crod crentetials is true > > I can't understand why when postman send the post request are give me > again 403 Error > This error i have with my api from php script response! > > If can anyone help me! Thanks a lot! > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-community/ec3eea69-0681-42d4-aefd-e923273c4d9bn%40googlegroups.com.
