Expand my Community achievements bar.

Elevate your expertise and be recognized as a true influencer! Nominations for the exclusive Adobe Community Advisor program 2023 are now OPEN.

\/libs/granite/csrf/token.json query


Level 3


In 6.4 when I hit /libs/granite/csrf/token.json it gives me a empty json with json response.

however in 6.2, /libs/granite/csrf/token.json it redirects to login page (which we used in our code to add basic authentication and token headers to login to AEM through ajax call)

also, in crx/de token path looks grayed out

any thoughts ?

3 Replies


Level 3

rajeshs28932860 AFAIK, this change in behavior is due to the granite:FinalArea mixin added to the node in AEM 6.4. This property is being brought starting 6.4  which marks the area for the internal code to prevent customizations.


Level 10

By default, only authenticated users can access the token. Hence, login as admin/other user and then you should be able to see the token.

The source code should include a dependency on granite.jquery to get the token.


Level 1

Hi Gaurav, end users will not be authenticated in AEM web console while accessing site pages on AEM. As an end user i'm seeing blank csrf token retrieved from token.json call. 

While in my local, when i'm authenticated in AEM web console as an admin user, i can see CSRF token json string returned in token.json call.


How to fix this issue when an end user is not authenticated in AEM?