Level 30
Maybe this helps you out:
https://laracasts.com/discuss/channels/general-discussion/tokenmismatchexception-on-ajax-call
Feb 15, 2015
5
Level 2
CSRF Token verify error
Hi,
I'm currently building an api and encountered the "TokenMismatchException" in the VerifyCsrfToken.php. I'm using postman for testing my api and i added the X-CSRF-TOKEN header in my request, but still i get the TokenMismatchException when submitting a form (through postman to a store method on an api controller). Anyone an idea how to add the csrf token to the form?
Level 14
If you are using the default Laravel 5 CSRF handler - then your header needs to be X-XSRF-TOKEN - note the xsrf not csrf
1 like
Level 2
I added the header and now i get a decryption error... Any idea how to solve this? I retrieved my csrf token using Session::token() like so:
Route::get('csrf', function() {
return Session::token();
});
Level 1
As Laravel 5.0.6, X-XSRF-TOKEN is for encrypted token and X-CSRF-TOKEN is for non-encrypted. I think you should use X-CSRF-TOKEN in this case as Session::token() might be returning plain text value.
1 like
Level 2
What I had to do is,add a X-XSRF-TOKEN in the header and copy paste the XSRF token value in the value field.I copied the XSRF token value from the response header of my request and added it against the X-XSRF-TOKEN . This should work pretty well as I have tested it. Laravel expects a X-XSRF-TOKEN token and we need to add it manually in case of postman
2 likes
Please or to participate in this conversation.