You try to perform a PATCH request in Visual Studio for the OData standard API. But you receive an error, even though the token has been fetched successfully in the GET request.
Error: 403 (forbidden) error
SAP Cloud for Customer
For POST, PATCH, and DELETE operations x-csrf-token is not sufficient to pass the token only. Along with x-csrf-token cookie needs to be passed that is returned by the server in the previous GET call that returns x-csrf-token. By passing the correct cookie value it should work.
In the Request Header of the POST, PATCH and DELETE call, you should pass the following:
- x-csrf-token = <value returned by the server>
- cookie = <value returned by the server>
OData request, external system, error, CSRF token validation failed, token sent, , KBA , AP-RC-ODF , OData framework (C4C Only) , Problem