Expand my Community achievements bar.

Submissions are now open for the 2026 Adobe Experience Maker Awards.
Apply Now

Encountering an error when submitting form with an empty and invalid CSRF token

Avatar

Level 1
Level 1
3/25/25 7:01:44 AM

Hi,

 

I need help with an issue involving an empty and invalid CSRF token when submitting the form. I've already included CSRF token in the client header. 

 

Here are the error logs: 

 *INFO* [[0:0:0:0:0:0:0:1] [1742872764470] POST /bin/ HTTP/1.1] com.adobe.granite.csrf.impl.CSRFFilter isValidRequest: empty CSRF token - rejecting
 *INFO* [[0:0:0:0:0:0:0:1] [1742872764470] POST /bin/ HTTP/1.1] com.adobe.granite.csrf.impl.CSRFFilter doFilter: the provided CSRF token is invalid

 

could you kindly assist me in finding a solution to fix this error? 

 

Thank you.

Views

382

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
2 Replies

Avatar

Level 10
Level 10
3/25/25 7:48:12 AM

The error occurs because the CSRF token is either missing, expired, or invalid. Manually fetch the token from /libs/granite/csrf/token.json and include it in headers, ensure forms use the correct hidden input, and validate client/server configurations.

For example:

// Fetch CSRF token for AJAX requests
$.getJSON("/libs/granite/csrf/token.json", function(data) {
    $.ajax({
        url: "/bin/your-servlet",
        type: "POST",
        headers: { "CSRF-Token": data.token },
        // ... other settings
    });
});

Some helpful links:

https://www.albinsblog.com/2023/03/what-is-csrf-how-is-csrf-protection-enabled-in-aem.html 

https://stackoverflow.com/a/34130703

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/getting-csrf-token-as-inva... 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/form-submission-is-getting... 

Views

369

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Administrator
Administrator
4/1/25 5:39:51 AM

@SiddhiDa1 Did you find the suggestion helpful? Please let us know if you need more information. If a response worked, kindly mark it as correct for posterity; alternatively, if you found a solution yourself, we’d appreciate it if you could share it with the community. Thank you!



Kautuk Sahni

Views

285

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Uncertainty on How to Use Experience Fragments on an Angular Site Solved

Views

186

Likes

0

Replies

3
help understand the effects of an Apache RewriteRule to the request object Solved

Views

80

Likes

0

Replies

2
Sling filter not working when using SlingServletFilter annotation

Views

22

Likes

0

Replies

0
AEM as cloud and Generic List (ACS Commons) DAM metadata Schema - Options not saving in the dropdown

Views

298

Likes

0

Replies

1
Can we use Microsoft OpenJDK11 with AEMaaCS ?

Views

118

Likes

0

Replies

2