Any component that relies on the granite.jquery dependency will benefit from the CSRF Protection automatically otherwise as mentioned by Wasil you can use /libs/granite/csrf/token.json which will generate the token as {“token”:”ey….″}
It's generated/injected via filter, part of platform code, no direct API exposed(wait for other replies) but making a HTTP GET on '/libs/granite/csrf/token.json' should return JSON response having the token.
Any component that relies on the granite.jquery dependency will benefit from the CSRF Protection automatically otherwise as mentioned by Wasil you can use /libs/granite/csrf/token.json which will generate the token as {“token”:”ey….″}