I sent a “POST” request via external server for version magento-2.3
My internal Magento URL cannot verify and response is
"Invalid Form Key. Please refresh the page."
as a summary, i want to reach to magento-2.3 from outside and is there any valid way to do it
Additional information
I'm planning to build a payment module for my Magento store, So my PSP working with this way;
When the customer clicks pay button of javascript embeded payment form, my PSP POSTing a value to my provided callbackUrl which is my controller inside of my module. (So I'm expecting a POST value to my controller.
When I'm trying to grab the value with this code piece ($postData = $this->getRequest()->getPostValue(); $postData['token']).
When I'm trying to do this, Magento is requesting a value named "form_key". In earlier version there was no usage like this. I'm suspecting there is a change in the Magento 2.3.0.
Re: External Request - Invalid Form Key Magento 2.3
Hi, please let me know where to implement this CsrfAwareActionInterface method. I am using Magento 2.3 with payfort as a paymnet gateway. parameter form_key is appended to paymnet post method. Please let me know where I can add these methods. Thank u so much.
Re: External Request - Invalid Form Key Magento 2.3
@kgerasimov Bypass CSRF Validation solve the original issue but another issue we are facing is, if we add code to bypass CSRF validation then itclears customer session and customer logged out automaticallywhen we come back from the hosted payment page.
