Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

/libs/granite/csrf/token.json query

Avatar

Level 3

Hello

In 6.4 when I hit /libs/granite/csrf/token.json it gives me a empty json with json response.

however in 6.2, /libs/granite/csrf/token.json it redirects to login page (which we used in our code to add basic authentication and token headers to login to AEM through ajax call)

also, in crx/de token path looks grayed out

any thoughts ?

3 Replies

Avatar

Level 3

rajeshs28932860 AFAIK, this change in behavior is due to the granite:FinalArea mixin added to the node in AEM 6.4. This property is being brought starting 6.4  which marks the area for the internal code to prevent customizations.

Avatar

Community Advisor

By default, only authenticated users can access the token. Hence, login as admin/other user and then you should be able to see the token.

The source code should include a dependency on granite.jquery to get the token.

Avatar

Level 1

Hi Gaurav, end users will not be authenticated in AEM web console while accessing site pages on AEM. As an end user i'm seeing blank csrf token retrieved from token.json call. 

While in my local, when i'm authenticated in AEM web console as an admin user, i can see CSRF token json string returned in token.json call.

 

How to fix this issue when an end user is not authenticated in AEM?