CSRF_TOKEN_MISSING - error when trying to run api's on an elder Web sdk in multitennant cloud.

unknown

Hello. I have an elder Web sdk running on an 13.4 single-tennant-cloud. Now this customer are going to multi-tennant cloud. When I run the Web sdk app on MT I get CSRF_TOKEN_MISSING as response to all api-request. Here is an example of a api-request url: https://m3prdeuc1.m3.eu1.inforcloudsuite.com/m3api-rest/execute/PMS100MI/SearchMO;maxrecs=99999;returncols=PRNO,KSTR,FIDT,ORQT?SQRY=WHST%3A%5B%2020%20TO%2060%20%5D

Can this be solved in an easy way or do we have to rewrite the app to H5 SDK?

Here is example of js-code when doing the api-call.  

const itemDataRaw = {}
const loadMOs = new Promise((resolve, reject) => {
$.getJSON(localRef + '/PMS100MI/SearchMO;maxrecs=99999;returncols=PRNO,KSTR,FIDT,ORQT', {
SQRY: 'WHST:[ 20 TO 60 ]'
})
.done((MOresult) => {
console.log(MOresult)
const MOArray = formatJSONMIObj(MOresult).MIArray
$.each(MOArray, (index, MO) => {
if (!itemDataRaw[MO.PRNO]) {
itemDataRaw[MO.PRNO] = {}

}
if (!itemDataRaw[MO.PRNO].MOArray) {
itemDataRaw[MO.PRNO].MOArray = []
}
itemDataRaw[MO.PRNO].MOArray.push(MO)
})
resolve()
})
})

unknown

Hi Jan,

You need to add an extra call to get the CSRF token to pass to the API. So wrap that into some generic code so that you can request a CSRF token and add that to the following API request. No need to replace everything but some coding is definately required.

I would start by pulling the H5 SDK from the repro and search for where the calls are done, searching for CSRF is a good start. The code is there you just need to port it to the code that you have. 

Here is the code: https://github.com/infor-cloud/m3-h5-sdk/blob/df896dfb2eb2349ad252f062b254afb930f36f04/m3-odin/projects/infor-up/m3-odin/mi/runtime.ts

I would at least wrap the call into a class to keep state. But you can use part of the SDK if you like for the calls, it does not mean that you need to use everything.