I was trying to use provisioning api to search a user by url
http://admin:secret@example.com/ocs/v1.php/cloud/users?search
by shows CSRS check failed .
I searched the reason is OCS-APIRequest header to be set true`
but how and where to set it?
Are you using curl? Because then the parameter
--header "OCS-APIRequest: true"
should be used in your curl command. Basically the same parameter can be used in any type of connector you use for the API.
1 Like
curl will tell me
status code 907
message current user is not logged in
then I tried curl -s http://localhost/nextcloud/index.php/login -c cookiefile -d “user=xxx&password=xxx”
nothing happened ,
still not logged.
Thanks! works with curl -u username:password -X GET ‘https://example.com/abcdefg…’ -H “OCS-APIRequest: true”
But I acutually want to call it from outside. by Ajax .
but seems doesn’t work
even I set headers{
“OCS-APIRequest”:“true”
}
from the tutorial
https://docs.nextcloud.com/server/12/developer_manual/app/tutorial.html?highlight=ajax
I think I can modify some source code to add@NoCSRFRequired
anyone think it will work?
please help