20 Jan 2023 07:59 AM - last edited on 02 May 2023 02:46 PM by educampver
To further investigate a failing workflow, I wanted to manually trigger the app function it calls using a https request. However, doing just that returns a 403 Forbidden with a missing CSRF token, as expected. What kind of authorization do I need to provide for the request to go through? Please tell me that there is a way that does not involve me going digging for a X-CSRF value in the numerous requests that we send.
Solved! Go to Solution.
20 Jan 2023 08:44 AM
Hi Nicolas,
in case you want to authenticate your requests to platform APIs from outside the platform, you need to authenticate them via oAuth. If you are an account admin of your environment, you can create an oAuth client in the Account Management UI. Make sure to select "app-engine:apps:run", as this scope is needed for the functions endpoint.