Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SAP Build Application: Issue in OData POST/PUT Operation failed with CSRF-Token validation failed

manish_kumar64
Explorer

on ‎2023 Nov 01 6:26 AM

3,473

I'm currently facing an issue with CSRF-Token validation while attempting POST/PUT operations in my SAP Build application. The application runs smoothly on the local environment, and I've successfully tested it under the Data tab using the update method. However, when I build the application as MTAR and deploy it to the BTP CF, the POST/PUT operations encounter CSRF-Token validation failures.

I've configured the SAP Cloud Connector and destination on BTP, and the integration in the Data tab of the SAP Build application seems to be working without any hitches. The issue only arises after deployment to BTP CF.

I would greatly appreciate your insights or any guidance you could provide to help resolve this CSRF-Token validation issue.

Thank you in advance for your time and assistance.

Best Regard's

Manish Kumar

SAP Build Data Tab

Post Operation Locally

Post Operation from BTP deployed application

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (4)

Answers (4)

nishantbansal91
Active Contributor
‎2024 Jul 03 7:16 AM
0 Likes

Hello @Venkat_Vyza 

I have changed parameter value also but still facing the same issue. Any other thing I can check? 

Show replies
Show replies
Venkat_Vyza
Active Participant
‎2023 Nov 18 12:33 AM
0 Likes

Hello @manish.kumar64,

You can avoid CSRF token requirement by setting the below parameter to 0 at the Service level in the backend.

Please try and let me know.

Thank you,

Venkat Vyza

Show replies
Show replies
nishantbansal91
Active Contributor
‎2024 Jul 03 7:00 AM
0 Likes
Hello @Venkat,
Raman14
Associate
Associate
‎2025 Jun 25 10:43 AM
0 Likes
where we can find this service data?
Goncalo_Nolasco
Explorer
‎2023 Nov 10 11:40 AM
0 Likes

Hi Manish,

I'm facing the exact same problem. By debugging /IWFND/CL_SODATA_HTTP_HANDLER I can see that, in preview mode, there's an HTTP HEAD request (CSRF token gets fetched) followed by the actual POST whereas in the deployed BTP application, there is only the POST.

Did you find any solution for this?

Thanks!

Gonçalo

Show replies
Show replies
nishantbansal91
Active Contributor
‎2024 Aug 05 9:06 AM
0 Likes
Hello Goncalo, Any update? I am still facing the issue. I have added the property in the destination and changed at Service level too.
agpekka
Product and Topic Expert
Product and Topic Expert
‎2023 Nov 01 12:36 PM
0 Likes

Hello, did you already try to provide

BuildApps.RequiresCsrf = true

In btp destination additional properties?

https://help.sap.com/docs/build-apps/service-guide/sap-systems

In preview there is a proxy in between that handles the token, but in standalone apps that is not present.

Show replies
Show replies
manishkmrmehta_
Explorer
‎2023 Nov 02 4:41 AM
0 Likes

Hello Pekka,

As per your guidance, I have incorporated the additional property in the BTP Destination configuration to address the X-Csrf-Token validation issue. Unfortunately, despite these efforts, the problem persists, and I am still encountering the X-Csrf-Token validation failure.

I have double-checked the configuration, and I can confirm that the additional property has been successfully added. However, the expected resolution has not been achieved. I would greatly appreciate any further insights or recommendations you may have to help us overcome this challenge.

Ask a Question