I'm having some trouble understanding CSRF tokens. I'm building a simple HATEOAS service with no front end.
Spring Java config enables CSRF by default. Where in the documentation can I find details on how to get the token?
If you don't want csrf protection (normally you don't for an API resource) you can set http.csrf().disable()
. (Standard Spring Security. I'm sure it's in the docs.)