CSRF Protect in processor

RatneshTSN · ‎12-16-2017

Do anyone know, how to use in CSRF token in processor.

I have created processor & I want to explore *CSRF protect* option.

If I make it active, how it will be called, I am not finding any help in servicenow docs, or any online posts

Here is what I check or tried

1. Checked the sys_properties, it is true

2. Enable it on processor

3. Access it, getting 401, unauthorized

4. Without CSRF enable, its working fine

5. How I can pass CSRF token to the URL, first thing I want to understand where it is set in system & its working.

Any help would be great.

Thanks, in advance.

Ravish Rawat · ‎01-16-2019

Hi Ratnesh,

Got it working. Here is the solution

pass the parameter 'sysparm_ck' in the url and use gs.getSessionToken() to set the value. if you are using the scoped application you should use the alternative of gs.getSessionToken() which you can find in the API section.

Something like

https://yourinstance.service-now.com/test?sysparm_ck=ef7694294f07230038663cb28110c7cfe7008b31e34a74257593facbc10c901510bca07f

View solution in original post

RatneshTSN · ‎12-18-2017

sergiu.panaite sachin.namjoshi pradeepksharma

Hello Sergiu/Sachin/Pradeep: Would you please help on this, I am stuck at this from long time.

Sergiu Panaite

sergiu_panaite · ‎12-18-2017

That flag just tells the platform to use a CSRF token. The CSRF option comes from :

High Security Settings

Ravish Rawat · ‎01-07-2019

Any update on this. Facing the same issue

RatneshTSN · ‎01-10-2019

Sorry buddy, No, I did not get the answer.

If by -chance you get any please update here.

Many thanks.