Hi, I'm using MVC5AJ1.
I'm trying to send request by using Postman with following the [https://aspnetzero.com/Documents/Development-Guide-Mvc-Angularjs#token-based-authentication]) here. But why am I getting Error 400?
Thanks. /Tommy
10 Answer(s)
-
0
When I tested, it works well. We skip anti-forgery token validation for POST, PUT, PATCH and DELETE attributes. Are you using GET? In documentation we mention that you should use POST. If you want to use GET than you set an anti-forgery token or you can disable it.
Check this document for more info: <a class="postlink" href="https://aspnetboilerplate.com/Pages/Documents/XSRF-CSRF-Protection">https://aspnetboilerplate.com/Pages/Doc ... Protection</a>
-
0
Hi,
Show what you have done so far (request & response)
-
0
Thanks for the reply.
Nope, I'm using POST. I was trying to login by using the URL of >http://localhost:6234/api/Account/Authenticate to login and get the token.
Thanks. /Tommy
-
0
<cite>alper: </cite> Hi,
Show what you have done so far (request & response)
I totally follow the token based authentication part and get the error. I'm wondering why.
Thanks. /Tommy
-
0
Hi Tommy,
Can you show the request header and body used in postman?
-
0
<cite>ryancyq: </cite> Hi Tommy,
Can you show the request header and body used in postman?
Hi ryancyq,
Yes, of course. [attachment=1:2y08710k]Capture.PNG[/attachment:2y08710k] [attachment=0:2y08710k]Capture.PNG[/attachment:2y08710k]
Thanks. /Tommy
-
0
Make sure PostMan Interceptor is not enabled.
-
0
<cite>maliming: </cite> Make sure PostMan Interceptor is not enabled.
Hi maliming,
Yup, it's not enabled.
Thanks. /Tommy
-
0
hi tteoh
Can you send us a project that can reproduce the problem? Email address: <a href="mailto:[email protected]">[email protected]</a>
-
0
<cite>maliming: </cite> hi tteoh
Can you send us a project that can reproduce the problem? Email address: <a href="mailto:[email protected]">[email protected]</a>
Hi maliming, I have no idea why it's working now without the Error 400.
Thanks. /Tommy
