Recent searches
No recent searches
CSRF Token not working for creating an end user's section subscription
Posted Nov 06, 2023
Hi there,
I'm trying to create my own version of the "subscribe" button for a section in an attempt to make a version of this button that will also subscribe the end user to all of the section's subsections. I was under the impression that I could take advantage of the CSRF token described here to make the POST/DELETE requests needed to "follow" or "unfollow."
So far, however, my attempts have been unsuccessful, and it isn't clear to me if this token can actually be used for this purpose.
Strangely, I did discover that the "list section subscription" endpoint works even without any token or authentication header for an end user, which I don't really understand.
I'd be grateful for any information or suggestions.
0
2 comments
Erica Girges
Have you tried using any custom code to listen for the user to hit the subscribe to section button? That might be the best way to achieve what you're looking to do.
Then you could grab all the subsections id's by making an API call to List Sections. Once you have all of the subsection id's, you can iterate through them and make individual subscription requests to each subsection for that user.
0
Erskine Wilson
Hi Erica,
Thanks for responding, but this doesn't solve my problem. It's easy to make a button.
The issue is that API calls to follow and unfollow sections made by an end user require authentication. Please advise.
0