Multiple "Invalid CSRF token" on ServiceNow instance.

N Praneeth1
Tera Contributor

‎03-10-2024 11:56 PM

Hello everyone, 

 

Recently we have noticed multiple invalid CSRF token errors on our instances. The error occurs mostly while an API call is done on our ServiceNow instance. The API error is as follows:-

 

[2024-02-29, 05:35:06 UTC] {pod_manager.py:418} INFO - [base] DEBUG: 2024-02-29 05:35:06,660  [connectionpool.py: _make_request: 546] https://<instance URL>443 "GET /api/now/table/sys_audit?sysparm_limit=1&sysparm_exclude_reference_link=true HTTP/1.1" 500 None
StatusCode : 500 , Error Response : Internal Server Error'. 

 

Please note the API fails momentarily with error code 500 and gets resolved (Response code: 200) instantly after few seconds.  

 

Error on ServiceNow instance:-

 

Invalid CSRF token: com.glide.rest.domain.ServiceException: Invalid CSRF token:   com.glide.service_portal.SPRestService.handleUnauthorizedException(SPRestService.java:200)  com.glide.service_portal.SPRestService.rectangle(SPRestService.java:109)  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)  java.base/java.lang.reflect.Method.invoke(Method.java:566)  com.glide.rest.handler.impl.ServiceHandlerImpl.invokeService(ServiceHandlerImpl.java:44)  com.glide.rest.processors.RESTAPIProcessor.process(RESTAPIProcessor.java:339)  com.glide.processors.AProcessor.runProcessor(AProcessor.java:677)  com.glide.processors.AProcessor.processTransaction(AProcessor.java:288)  com.glide.processors.ProcessorRegistry.process0(ProcessorRegistry.java:184)  com.glide.processors.ProcessorRegistry.process(ProcessorRegistry.java:172)  com.glide.ui.GlideServletTransaction.process(GlideServletTransaction.java:51)  com.glide.sys.Transaction.run(Transaction.java:2501)  com.glide.ui.HTTPTransaction.run(HTTPTransaction.java:27)  java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)  java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)  java.base/java.lang.Thread.run(Thread.java:829)

 

While investigating, we found the following KB Article:-

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0565021 

 

From the above KB Article, setting up the system property is not recommended, can any one suggest how can we fix the issue on our system as we still see tons of such error (CSRF) on our instances.

 

Thank you!

0 Helpfuls
  • 1,317 Views
0 REPLIES 0