An invalid/missing CSRF during authorization API call ?
Hello, I am trying to login through login server using API but I get error, any hints?
Here is a curl command example:
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=authorization_code&response_type=code&state=bce45f7c-6a37-46c7-9ede-c9979c152081&code=***************3&client_id=***************&redirect_uri=https//mysite.com/authorized/lo&client_secret=***********' https://login.linode.com/oauth/authorize
And the response was:
<h2>Whoops!</h2>
<div class="Error-body">
To protect your account, we've blocked this request due to an invalid/missing CSRF
token. Please try again.
</div>
<div class="form-actions">
<a href="https://login.linode.com/oauth/authorize" class="btn" data-qa-continue-button>Try again</a>
2 Replies
watrick
Linode Staff
When I've seen that CSRF error before, it's usually caused by having too many browser windows/tabs open. In your case, that may mean too many terminal windows open. You may need to restart whatever program you're running to make these API requests or restart your computer altogether.
Since curl doesn't cache requests, it's also possible that you might need to flush your DNS cache in case that's what's causing the issue.
