Token Auth - Django Rest Framework Postman

Question

I am fairly new to Django so sorry if this is a silly question:

When I try to send the request through postman I receive this 403 error:

{ "detail": "CSRF Failed: CSRF token missing or incorrect." }

I have also tried adding it to the params section as well in postman, resulting in the same error.

However, when using the curl command, I receive the correct response:

curl -X POST -d "grant_type=convert_token&client_id=r29GLakM6OZ7c4Zg2cwuSXR7M1jiQHIEEMLvtbWA&client_secret=S2xKO81zzYBUTdxM14QiQWb63jnNvPLIcqDTrN9HIYj7t7ldfuCQFWoziWF6h88OgsMUCUNI6HbhIxZQ8ScPFWUWVcJNjaZspbGkDK1j9SsRYJi9uW6DhTr0A9QKvyOZ&backend=facebook&token=EAAY5l4TWgr4BAMjficP4mPKqlbVwVRXI0Xs5GLXSN97sMyKe3muElrkpXRcxJkiZCMzC7tfZBfT4Cci52Pk6Bb2GQm2BARm23tsJoaViOovmvZABlGlJPPZCJ9OecYvfEinUOBaDeBugiDv614yUzOAIfyE0lfZCAX8YAbYyxnlqYYtmS6ywH" http://localhost:8000/api/social/convert-token

What am I doing wrong?

Edit: I am using the django-rest-framework-social-oauth2 and following a tutorial online which did not require passing in any other token in the X-CSRFToken header field.

Possible duplicate of [CSRF Failed: CSRF token missing or incorrect](http://stackoverflow.com/questions/26639169/csrf-failed-csrf-token-missing-or-incorrect) — Abijith Mg, Mar 26 '17 at 17:00

score 0 · Answer 1 · answered Mar 27 '17 at 21:02

0

My problem was a cookie issue with postman. I deleted the cookies off chrome and disabled the interceptor on postman. It would store and use the previous sessions CSRF token instead of generating a new one.

answered Mar 27 '17 at 21:02

Simon

6,413
6
34
57

Token Auth - Django Rest Framework Postman

1 Answers1