mirror of
https://github.com/goauthentik/authentik
synced 2026-04-27 18:07:15 +02:00
3a0be5f3f0
* Clean up reverse proxy documentation * website/docs: clarify reverse proxy header requirements * website/docs: lowercase reverse proxy component names * website/docs: clarify trusted proxy network wording * website/docs: point to trusted proxy config location * website/docs: use softer wording for proxy behavior * website/docs: lowercase outpost troubleshooting text * website/docs: remove redundant reverse proxy links * Update reverse-proxy.md Signed-off-by: Dominic R <dominic@sdko.org> * Update website/docs/install-config/reverse-proxy.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Dominic R <dominic@sdko.org> --------- Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
12 lines
904 B
Markdown
12 lines
904 B
Markdown
---
|
|
title: Troubleshooting CSRF Errors
|
|
---
|
|
|
|
With some proxy setups, you might run into CSRF errors when attempting to create/save objects in authentik. This is usually caused by either the _Origin_ or _Host_ header being incorrect.
|
|
|
|
If authentik is running behind a reverse proxy, review the [Reverse proxy](../install-config/reverse-proxy.md) guide as well.
|
|
|
|
Open the system info API endpoint of your authentik instance by going to *https://authentik.company/api/v3/admin/system/*. Take note of the value of _HTTP_HOST_, make sure it matches the domain you're accessing authentik at, and make sure it does _not_ include any port numbers.
|
|
|
|
When submitting a POST request by updating/creating an object, open the browser's developer tools and check the _Network_ tab. Open the POST request and look at the request headers. Make sure the value of _Origin_ matches your authentik domain, without any ports.
|