Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
368
Views
5
Helpful
1
Replies

MissingOrInvalidCSRFToken error from URL API

Janos Benyovszki
Cisco Employee
Cisco Employee

‎05-25-2022 06:11 AM

Use Case

1.I logged in to the CH managed Meetings site

2. Tried to open https://sitename.webex.com/sitename/m.php?AT=HM&MK=1630564626

3.I also tried to POST to https://sitename.webex.com/sitename/m.php the following form:

<form method="post" action="https://sitename.webex.com/sitename/m.php">

    <input type="hidden" name="AT" value="HM" />

    <input type="hidden"  name="MK" value="1630564626"/>

</form> 

RESULT: In both case, instead of the meeting being started, I remained logged in, the URL contained ...&AT=HM&RS=MissingOrInvalidCSRFToken&ST=FAIL

NOTE: It does work in redirection from an AT=LI URL API, but does not seem to work alone, after logging in manually.

What did I miss?

Labels:
0 Helpful
1 Reply 1

Janos Benyovszki
Cisco Employee
Cisco Employee

‎05-25-2022 06:12 AM

Some URL APIs require a CSRF argument to be included in the API request. The CSRF value is received when you execute the URL API login command. You can find more detail in the URL API WBS 31 Release Notes which is available from the URL API Release Notes section of Cisco DevNet (https://developer.cisco.com/docs/webex-meetings/#!url-api-release-notes/url-api-release-notes).

Customers Also Viewed These Support Documents