Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more
AI OnAI Off
Anti-forgery token not correct
Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more
I´m upgrading a sollution to CMS 12.
I use the default optimizely auth scheme, but I also have a second azure b2c oidc scheme for users of the website.
If i´m not signed in with azure or opti submitting forms works fine, but If I sign in with either azure or opti i get this error when submitting
I´m pretty sure it´s because the anti-forgery token is based on your identity, so on the page with the form the token is created with your azure identity.
But the endpoint that recieves the form post ("EPiserver.Forms/DataSubmit/Submit") uses your optimizely identity.
I´m not sure how to solve this, but both sender and reciever have to use the same identity somehow.
Perhaps overriding the token validation? or the form submit action? or can I specify which auth scheme should be used?
I´m happy for any suggestions.