I was trying to use provisioning api to search a user by url
http://admin:secret@example.com/ocs/v1.php/cloud/users?search
by shows CSRS check failed .
I searched the reason is OCS-APIRequest
header to be set true`
but how and where to set it?
Are you using curl? Because then the parameter
--header "OCS-APIRequest: true"
should be used in your curl command. Basically the same parameter can be used in any type of connector you use for the API.
curl will tell me
status code 907
message current user is not logged in
then I tried curl -s http://localhost/nextcloud/index.php/login -c cookiefile -d “user=xxx&password=xxx”
nothing happened ,
still not logged.
Thanks! works with curl -u username:password -X GET ‘https://example.com/abcdefg…’ -H “OCS-APIRequest: true”
But I acutually want to call it from outside. by Ajax .
but seems doesn’t work
even I set headers{
“OCS-APIRequest”:“true”
}
from the tutorial
https://docs.nextcloud.com/server/12/developer_manual/app/tutorial.html?highlight=ajax
I think I can modify some source code to add@NoCSRFRequired
anyone think it will work?
please help