This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/troubleshooting/csrf.md
Jens Langhammer cadb710c38
website/docs: add troubleshooting for CSRF
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 11:09:03 +01:00


title: Troubleshooting CSRF Errors

With some proxy setups, you might run into CSRF errors when attempting to create/save objects in authentik. This is usually caused by either the `Origin` or `Host` header being incorrect.

Open the system info API endpoint of your authentik instance by going to `https://authentik.company/api/v3/admin/system/`. Take note of the value of `HTTP_HOST`, make sure it matches the domain you're accessing authentik at, and make sure it does not include any port numbers.

When submitting a POST request by updating/creating an object, open the browser's developer tools and check the Network tab. Open the POST request and look at the request headers. Make sure the value of `Origin` matches your authentik domain, without any ports.
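
Once you have copied `HTTP_HOST` from the system info endpoint and `Origin` from the failing POST, both checks above can be run in one step. This is an added example, not part of the authentik documentation: the function names and every sample value other than `authentik.company` are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit


def _host_and_port(netloc):
    """Split 'name[:port]' into (lowercased name, port); port is None if absent."""
    parts = urlsplit("//" + netloc)
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port still counts as a port
        port = -1
    return parts.hostname, port


def check_csrf_headers(access_url, http_host, origin):
    """Return a list of problems; an empty list means both checks pass.

    access_url: the URL you type into the browser to reach authentik
    http_host:  HTTP_HOST value copied from /api/v3/admin/system/
    origin:     Origin request header copied from the failing POST
    """
    expected = urlsplit(access_url).hostname
    problems = []

    host, host_port = _host_and_port(http_host)
    if host != expected:
        problems.append(f"HTTP_HOST {http_host!r} does not match {expected!r}")
    if host_port is not None:
        problems.append(f"HTTP_HOST {http_host!r} includes a port number")

    origin_host, origin_port = _host_and_port(urlsplit(origin).netloc)
    if origin_host != expected:
        problems.append(f"Origin {origin!r} does not match {expected!r}")
    if origin_port is not None:
        problems.append(f"Origin {origin!r} includes a port number")
    return problems


if __name__ == "__main__":
    # Constructed sample values: a proxy that forwards the backend's host:port
    # instead of the public domain.
    for line in check_csrf_headers(
        "https://authentik.company/",
        "authentik-server:9000",
        "https://authentik.company",
    ):
        print(line)
```

A mismatched or port-bearing `HTTP_HOST` points at the proxy's forwarded `Host` header, while a bad `Origin` points at the URL the browser itself is using.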