cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Widget getting error: http 403 Forbidden CSRF token validation failed

Go to solution
SAPjedi
Contributor

on ‎07-23-2015 7:07 PM

0 Kudos

We have a widget that saves service tickets to C4C uisng oData web services.

The widget display a form to get input on a ticket (aka issue).  The oData retrievel services work since the category dropdown values are filled.

When the user clicks to Submit the ticket, we get the 403 error - as shown below in browser developer console.

C4C odata is using basic authentication.

Appreciate any tips on solving the important issue.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

marlosdamasceno
Participant
‎08-12-2016 6:31 PM
0 Kudos

Hi Tim Chang,

Did you solve your issue?

I was trying to do something similar and getting “CSRF token validation failed”, so I looked for a solution and I found these two links:

In Create: CSRF token validation failed

Issues with CSRF token and how to solve them

My mistake was a poorly formatted xml in the payload request and missed “X-CSRF-Token: key” in the header.

Follow an example of request to insert an attach in a visit, so you can try it and see if works, remember to do a GET before the POST to retrieve the CSRF token:

URI as POST:

https://xxxxxxxx.crm.ondemand.com/sap/c4c/odata/cust/v1/yourOData/ActivityAppointmentVisitCollection('objectID')/ActivityAttachmentFolder

Raw headers:

Content-Type: application/xml

X-CSRF-Token: vYJRtxPK_768FXz02FpxCQ==

Raw payload:

<entry xmlns="http://www.w3.org/2005/Atom"

                xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"

                xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices"

                xml:base="https://my316621.crm.ondemand.com/sap/c4c/odata/cust/v1/yourOData/">      

<content type="application/xml">

       <m:properties>

                <d:TypeCode>10001</d:TypeCode>

                <d:MimeType>image/jpeg</d:MimeType>

                <d:Binary>

                         Your binary file decoded in Base64 string

                </d:Binary>

                <d:Name>name_of_image.jpeg</d:Name>

                <d:CategoryCode>2</d:CategoryCode>

                <d:LinkWebURI/>                                  

    </m:properties>

  </content>

</entry>

Hope this helps, even been an old question.


Best regards


Marlos A. M. Damasceno

Show replies
Show replies
Former Member
‎08-12-2016 6:45 PM
0 Kudos

Hi Tim and Marios,

Could you share more information about your usecase?

Are you using an OpenSocial widget? an SAPUI5 application converted to a portal widget? How are you handling the OData model creation and lifecycle?

Thanks,

Guy

SAPjedi
Contributor
‎08-12-2016 6:54 PM
0 Kudos

Guy,

My initial post is actually over an year old.

I believe we worked thru an incident or Amit M. - but unfortunately I didn't share the solution here, which is now forgotten.

Tim.

marlosdamasceno
Participant
‎08-12-2016 7:04 PM
0 Kudos

Hi Guy,

That example is to insert an attachment to a visit in C4C. Therefore, I just created an OData service and start to use it. Moreover, if this help, to test the request I am using Advanced REST client.


Sorry if I can not help you with your issue.

Best regards

Marlos A. M. Damasceno

Answers (0)

Ask a Question