2 Replies Latest reply on Apr 22, 2014 8:03 AM by ryanrutan

    The request could not be validated as originating from within the SBS application

    apanery

      Hi,

       

      I am firing some jive request from Apache Http Client .

      When I am firing request like /__services/v2/rest/activity-stream/new/count  then I am getting error message throw 'allowIllegalResourceCall is false.'; { "code" : 4026, "message" : "The request could not be validated as originating from within the SBS application" } in response.

      I worked on this issue and come to know that Jive uses CSRF mechanism to protect against session spoofing with REST calls and Jive looks for a header called X-J-Token in some Rest type request.

      The request could not be validated as originating from within the SBS application"

      I have checked all prior responses for X-J Token but haven't found the value of this header in any response .

       

      Please let me know from where I can get the value of this X-J Token header?

      Or is this a random string generated at client side ?