I am trying to get and set the “_csrf token” but still haven’t found a solution for it.
Does anyone have experience with this topic?
My first HTTP request seems to works but the second one says “invalid csrf token”
I even tried using with and without authentication (basic auth) but the result is the same.
My steps are:
HTTP Request 1 : “GET request method” + “URL” that contains /init in the end.
Do you receive the CSRF Token in the output of the first HTTP Request node? You should set the Full Response additional option to true to get the Headers as well.
It looks like you’re not referencing the value correctly in the second HTTP Request node. In the Name field, you should enter the header name eg. _csrf. In the Value field, you should get this data from the previous field via Expression.
But before doing that, you will have to transform the set-cookie array into an array of object. Currently, the array elements contain both the Key and the Value. Hence, referencing them will be an issue. Alternatively, if you’re confident about the position of the _csrf element in the array, you can refer to it via its position.