Error 403 CSRF cookie when submitting forms


I am to connect my app to a third API in order to get a JWT token that will be used for other API calls.
After inserting the username and password, I got the error 403 CSRF cookie required when submitting forms.

The request works perfectly with Postman.

Please find the details in the picture.

I digged all the topics related to CSRF and cookie but could not solve the issue.

Could you please help me?

Thank you.

Kind regards

Can you provide API Doc link?
At first sight, It’s strange to have a multipart form content type for a token request!
Also, why don’t you use the Bubble Auth part instead of self-handled?


Thank you for your answer.

The API is currently developed in my team and there is unfortunately no public documentation available.

With Postman, it works when the username and password are in form-data and the headers look like this :


I haven’t used the Bubble Auth part because in order to login and perform requests to our API, we need to get receive first the access-token provided by this API.

Is it clearer?


Bubble auth part will get the token for you and ise in your API Call.
One thing you don’t have is the user-agent header. Some API will request it.
It will be hard for us to tell you what doens’t work with any doc, but what you can do is to send your request in post to and do that same from Bubble and inspect each call received. Be sure to not forget something in Bubble.

Also, be sure that your API accept the request from Bubble or check the API server for any missing header requested (like user agent).

1 Like