From SAP documentation: Security Token Handling
The OData V4 model automatically handles a security token via an "X-CSRF-Token" header if needed by its service. To achieve this, the "X-CSRF-Token" header starts with a value of "Fetch" and will be included in every data request. If a data response contains the "X-CSRF-Token" header, that new value will be remembered and used from that time on.
This middleware ensures that when a request asks for a CSRF token
(X-CSRF-Token: Fetch), the response will include the current CSRF token
in the X-CSRF-Token header.
| Methods | ||
|---|---|---|
public
|
handle(Request $request, Closure $next): mixed
|
# |