-1

Im making an app for some form, and im colleting some not sensitive information.

I need to make an automatic report from a server, calling directly to report to download information, but im not being allowed to make the call because is being enabled automatically with antiforgerytoken, so if I make a get request from the server to a controller/action, im receiving an error, but if I make the call throw $2sxc(XXX).webApi, is working.

How i can make the 2sxc api call without antiforgery token

Please help

Ufoloko
  • 31
  • 6

1 Answers1

0

That's simple - just make sure you have [AllowAnonymous] on your class.

You can find working examples in the Mobius Forms app.

See also: https://docs.2sxc.org/web-api/specs/webapi-security.html and https://docs.2sxc.org/net-code/web-api/custom-web-api-security.html

iJungleBoy
  • 5,325
  • 1
  • 9
  • 21
  • I assume this helped, best mark as answered. – iJungleBoy Oct 14 '21 at 06:05
  • Thanks ijungleboy sorry I checked your solution immediately and worked. I just found another thing. I captured API call in browser but to make API calls is needed to change auto to controller name. I think this was a problem too. – Ufoloko Nov 26 '21 at 12:55