Receive a CSRF error in the Developer Portal
Last updated:
Legacy: Tyk Classic Portal
You’re viewing documentation for the Tyk Classic Portal, which is no longer actively maintained.
If you’re looking for the latest API documentation for the new Tyk Developer Portal, please refer to the Postman collection or visit the Tyk Developer Portal section.
The Classic Portal is in maintenance mode and will be deprecated soon. For questions or support, contact us at [email protected].
Description
When the user attempts to log into the Developer Portal a CSRF error (or some variant of this error such as Forbidden - CSRF token invalid
) is displayed on the page.
Cause
Most probably the portal has yet to be activated. Common reasons for this are:
- The
CNAME
was not set in the dashboard. Without aCNAME
, the system won’t react to a new domain name. - There were no active APIs set up under the account which means that the account was not active for a portal either and essentially incapable of proxying traffic.
The use of an incorrect signup form can also cause this issue.
Solution
Users must make sure that they add a CNAME
and an active API to the Dashboard. If the form will require TLS, the user will need to set this up for their custom load balancer. To add this to a cloud instance, a copy of the TLS certificate and the private key file will need to be sent to Tyk Support.