cancel
Showing results for 
Search instead for 
Did you mean: 

CSRF token is missing in MDK Client 6.3.4 for iOS

1,356

Hello experts,

I face a confusing issue with SAM MDK 6.3.4 when it runs on iOS. I receive the following error on my first attempt to call the backend: CSRF token is missing. The issue is reproducible with the application Mobile Svc installed from AppStore as well as with custom MDK client build v.6.3.3 and 6.3.3

The service endpoint is OData v.4 and the error is observed only on iOS: on real device and simulator. It works without issue on Android

There are 2 strange things about the error:

  • it seems the error is thrown by the backend, because JSON error object looks like this:

{"error":{"code":"/IWBEP/CM_V4H_RUN/043","message":"CSRF token is missing","@SAP__common.ExceptionCategory":"CSRF_Token_Missing"}

  • I don’t register any call to the backend on NW Gateway client traces

Do you fetch this CSRF token during the application boarding? Do you use a technical user for this? Do you have any explanation or hint what I could miss and how I can further investigate is something is wrong with the application?

Regards,

Dimiter

claudio_mendes
Explorer
0 Kudos

Is there any feedback about this question because I've the same problem. On Android works fine, the app retrieves the CSRF token and sends it on the POST, but when running the same app on IOS the error of missing CSRF token happens.

bill_froelich
Product and Topic Expert
Product and Topic Expert
0 Kudos

We have a fix targeted for the next patch and release to address Dimiter's issue.

claudio_mendes
Explorer
0 Kudos

bill.froelich is there any estimate when this issue will be resolved? I've version 6.3.6 and it's still not working.

View Entire Topic
bill_froelich
Product and Topic Expert
Product and Topic Expert

MDK 6.3.7 has been released to the SAP Marketplace and includes a CSRF fix. Please download and retest to confirm if it addresses your issue.

claudio_mendes
Explorer
0 Kudos

I can confirm that it is resolved on our app.

rene_mueller02
Employee
Employee

Hi Bill,

i'm succeeding Dimiter as MDK developer for our RTOP app.

I can confirm that the issue has been resolved for our app too!

Many thanks & best regards

René