GitHub user 17Shristi closed a discussion: CSRF Session token is missing
I am trying to embed a dashboard on client facing UI. Earlier it was working
fine, but we upgraded to 5.0.0. after which we are getting this error:
Error generating embed token: {
[1] errors: [
[1] {
[1] message: '400 Bad Request: The CSRF session token is missing.',
[1] error_type: 'GENERIC_BACKEND_ERROR',
[1] level: 'error',
[1] extra: [Object]
[1] }
[1] ]
[1] }
we are passing X-CSRFToken
method: 'post',
maxBodyLength: Infinity,
url: `localhost:8088/api/v1/security/guest_token`,
headers: {
Cookie: `${cookies}`,
'X-CSRFToken': csrfToken,
Authorization: `Bearer ${accessToken}`,
'Content-Type': 'application/json',
},
withCredentials: true,
data: data,
Using this end point to get the csrf token:
const response = await axios.get(
`localhost:8088/api/v1/security/csrf_token/`,
{
headers: {
'Content-Type': 'application/json',
Authorization: `Bearer ${accessToken}`,
},
},
);
const cookies = response.headers['set-cookie'];
what is I am missing?
GitHub link: https://github.com/apache/superset/discussions/34738
----
This is an automatically sent email for notifications@superset.apache.org.
To unsubscribe, please send an email to:
notifications-unsubscr...@superset.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org
