Bungienetplatform Wiki
Advertisement

What is X-CSRF?[]

X-CSRF is a HTTP header you must provide to make use of private endpoints. It is a security measure to prevent Cross Site Request Forgeries (CSRF attacks).

What value do I put in it?[]

The exact value of the bungled cookie.

X-CSRF: bungled-cookie-value

ErrorCode 99[]

If you try to make use of a private endpoint without including a valid X-CSRF header and token, you will receive a "Please sign-in to continue." response.

{
   "ErrorCode":99,
   "ThrottleSeconds":0,
   "ErrorStatus":"WebAuthRequired",
   "Message":"Please sign-in to continue.",
   "MessageData":{

   }
}
Advertisement