POST endpoint, without CSRF protection


#1

Hello,

I need to define a specific POST endpoint, without CSRF protection (i.e. I want it publicly accessible).

How do I disable any auth checks for that endpoint only?

Thanks


#2

I recall there was a mechanism introduced to address this. Take a look on learn, if it’s not there let me know and I’ll see if I can track it down.


#3

That would be the blacklist no?
https://learn.userfrosting.com/routes-and-controllers/client-input/csrf-guard#blacklisting-routes