REST token

Skip to first unread message

Apr 17, 2016, 5:10:13 PM4/17/16
to Fat Free CRM Developers
Hi guys,
I have spent more than couple of hours of getting an auth token over REST, I can get all I want with Basic Authentication with GET method,thats ok, but when I want to post something to server I am getting an InvalidAuthenticityToken error message. I thought that GET http://localhost:3000/authentication.json with basic auth will get me back json with that token but it just return the dashboard and no json that I would expect.

I will be thankful with any help.

Many thanks Cyril. 

Steve Kenworthy

Apr 20, 2016, 12:49:50 AM4/20/16
My understanding is that AuthenticityTokens are used mainly on HTML form POST requests and are generally disabled for API POSTs.

Here's an example from the Rails docs that mentions this exact case:

More reading on CSRF attacks: (you'll want to consider these if you turn off the token validation.)


You received this message because you are subscribed to the Google Groups "Fat Free CRM Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To post to this group, send email to
Visit this group at
For more options, visit

Reply all
Reply to author
0 new messages