Tuesday, February 20, 2018

Sitecore Experience Commerce - antiforgery error in API calls

When attempting to run some of the Experience Commerce APIs via Postman, several of the import and add methods would fail with a 500 error. Inside the logs of the commerce authoring site, the following was present:
66 09:46:58 INFO Request starting HTTP/1.1 PUT http://localhost:5000/api/ExportInventorySets application/json 95
66 09:46:58 INFO Successfully validated the token.
66 09:46:58 INFO AuthenticationScheme: "BearerIdentityServerAuthenticationJwt" was successfully authenticated.
66 09:46:58 INFO AuthenticationScheme: "Bearer" was successfully authenticated.
66 09:46:58 INFO Authorization was successful for user: "sitecore\Admin".
66 09:46:58 INFO Executed action "Sitecore.Commerce.Plugin.Inventory.ApiController.ExportInventorySets (Sitecore.Commerce.Plugin.Inventory)" in 0.6932ms
66 09:46:58 ERROR Connection id ""0HLBNQFHRI3GP"", Request id ""0HLBNQFHRI3GP:00000001"": An unhandled exception was thrown by the application.
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The required antiforgery header value "X-XSRF-TOKEN" is not present.
Thanks to the help of Naveed Ahmad in the community slack channel, by editing the AntiForgeryEnabled setting to false in the config.json for the authoring site I was able to call the APIs successfully.

No comments:

Post a Comment