SAP OData post 403 despite sending token and cookie

We are developing an app which uses some Odata services from an SAP backend. For posting an entity in SAP we first execute a GET with the service to get the csrf token and the cookie (containing the SAP session id). Despite added the both the cookie and the token to the request header the subsequent POST operation returns a 403 error, stating the token validation failed.

Does anyone have a clue?



Nordin Ahdi wrote:

Hi John,

See if the following post can help you out:



Hi Nordin,

Unfortunately that's not the solution and we are already sending the full cookie received with the ftech token request, but thanks for pointing to this post!