Post request with csrf

Search the forum and you will find plenty has been written already.

In a RESTful API basically you can't send (in the normal way) the CSRF verification token. Laravel expects in a post request that you send the CSRF token to validate it, but of course, you are not sending this. The right approach depends of your client app. If your client app is inside your own platform, so you can storage the CSRF token and send it as a field or header in your request. BUT if your API is to be used by third party apps is a little difficult provide the right CSRF token for every one so you have to work around disabling the CSRF token middleware and disable the session persistance to remove the CSRF vulnerability.

I hope it helps. Best wishes.

@sger You want to make REST API for cross platform access but you want to add CSRF ? It's funny !
You need to remove below code from Laravel_Root/app/Http/Kernel.php

\App\Http\Middleware\VerifyCsrfToken::class,

but if you want to use CSRF on other field the add below code in $routeMiddleware[]

'csrf' => \App\Http\Middleware\VerifyCsrfToken::class,