ValidateAntiForgeryToken over HTTP post WEBAPI

Question: How can I use ValidateAntiForgeryToken over anonymous user access?

Answer: When AllowAnonymous attribute exists, all other authorize attributes will be ignored. Therefore, our recommendation would be to remove [AllowAnonymous] to let other authorized attributes work normally.

Content Author: Radu Vaduva

Comments

0 comments

Please sign in to leave a comment.