Robert McIntosh
Results
3
comments of
Robert McIntosh
That gives me "CSRF double submit tokens do not match". that is putting the refresh token in the X-CSRF-TOKEN header.
That worked. So why do I need that if it already a cookie and on a post and not a get?
ok. yeah without documentation that is really confusing :)