In 6.4 when I hit /libs/granite/csrf/token.json it gives me a empty json with json response.
however in 6.2, /libs/granite/csrf/token.json it redirects to login page (which we used in our code to add basic authentication and token headers to login to AEM through ajax call)
also, in crx/de token path looks grayed out
any thoughts ?
rajeshs28932860 AFAIK, this change in behavior is due to the granite:FinalArea mixin added to the node in AEM 6.4. This property is being brought starting 6.4 which marks the area for the internal code to prevent customizations.
By default, only authenticated users can access the token. Hence, login as admin/other user and then you should be able to see the token.
The source code should include a dependency on granite.jquery to get the token.