Laravel cookies & CSRF: Testing APIs with Insomnia

Hi all,

I've been trying to test my APIs with Insomnia which is a Postman alternative. I'm using the session-based auth with Laravel 8 Sanctum.

But on each call, I get a 419 HTTP response code.

Even with the pre-call to sanctum/csrf-cookie as mentioned in the docs.

I don"t know it it's a "Origin" issue or what, but Insomnia sends all the cookies & CSRF headers necessary.

What can be the issue here?