CSRF stands for Cross-Site Request Forgery, an attack on a system in which a hacker performs a transaction in an application. This article explains how to use a token to get a secure connection to the SAP Sales Cloud OData API.
The tricky thing about a CSRF attack is that it does not happen directly: the hacker uses a victim who is logged in to the application. The hacker plants an HTTP request in the victim's browser, which executes the dangerous transaction when the application is called. To prevent these cross-site request forgery attacks, the SAP Sales Cloud OData API requires an X-CSRF token as a further header alongside the authorization header. To receive the X-CSRF-Token, use the following GET request.
In addition, you also need to set the x-csrf-token header of that request to fetch. If the query is successful, you can read the x-csrf-token in the response header and use it for the query types POST, PATCH, DELETE, etc. A typical token may then look like this:
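The fetch-then-replay flow described above, as an added example that is not from the original article or from SAP. The local mock service, its `/odata/Collection` path, the token value and the 403/201 status codes are all constructed assumptions so that the flow runs offline.

```python
import secrets, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = secrets.token_urlsafe(24)  # constructed token issued by the mock
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no proxies

class MockOData(BaseHTTPRequestHandler):
    """Local stand-in for an OData service that enforces x-csrf-token."""
    def _reply(self, status, token=None):
        self.send_response(status)
        if token:
            self.send_header("x-csrf-token", token)
        self.send_header("Content-Length", "0")
        self.end_headers()
    def do_GET(self):
        # The token is only handed out when the client asks with "fetch"
        asked = self.headers.get("x-csrf-token", "").lower() == "fetch"
        self._reply(200, TOKEN if asked else None)
    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        # State-changing request: rejected unless the token matches
        sent = self.headers.get("x-csrf-token", "")
        self._reply(201 if secrets.compare_digest(sent, TOKEN) else 403)
    def log_message(self, *args):  # keep the demo quiet
        pass

def call(url, method, token=None):
    """Send one request; return (status, x-csrf-token response header)."""
    body = b"{}" if method == "POST" else None
    req = urllib.request.Request(url, data=body, method=method)
    if token is not None:
        req.add_header("x-csrf-token", token)
    try:
        with OPENER.open(req, timeout=5) as resp:
            return resp.status, resp.headers.get("x-csrf-token")
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("x-csrf-token")

def demo():
    server = HTTPServer(("127.0.0.1", 0), MockOData)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = f"http://127.0.0.1:{server.server_port}/odata/Collection"  # constructed
    try:
        forged = call(url, "POST")[0]               # write without a token
        status, token = call(url, "GET", "fetch")   # step 1: fetch the token
        legit = call(url, "POST", token)[0]         # step 2: replay it on the write
        return forged, status, token == TOKEN, legit
    finally:
        server.shutdown()
        server.server_close()
```

Against a real service the token is typically tied to the session, so the write request must also send back the cookies returned with the GET.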