
How do I send spring csrf token from Postman rest client?


I have csrf protection in the Spring framework, so in each request I send the csrf token in a header from an ajax call, which works perfectly.

<meta name="_csrf" content="${_csrf.token}"/>
<meta name="_csrf_header" content="${_csrf.headerName}"/>

var token = $("meta[name='_csrf']").attr("content");
var header = $("meta[name='_csrf_header']").attr("content");

In the ajax call:

beforeSend: function(xhr) {
    xhr.setRequestHeader(header, token);
    xhr.setRequestHeader("username", "xxxx1");
    xhr.setRequestHeader("password", "password");
}

I have no idea how to generate the csrf token and include it in the header section of the Postman Rest Client. Would you please help me to send the csrf token from the Postman Rest Client?


Solution

  • The easiest way to do this consistently, so you don't have to get the token each time:

    1. Create a new environment so environment variables can be stored.

    2. Create a login method with a test that stores the XSRF cookie in an environment variable. In the Tests tab, add this code:

      // Replace XSRF-TOKEN with your cookie name
      var xsrfCookie = postman.getResponseCookie("XSRF-TOKEN");
      postman.setEnvironmentVariable("xsrf-token", xsrfCookie.value);

    EDIT: For anyone using Postman 5.5.2 or later, you will also have to decode the cookie; they have also provided alternative ways to obtain cookies, as @Sacapuces points out:

    pm.environment.set("xsrf-token", decodeURIComponent(pm.cookies.get("XSRF-TOKEN")));

    Now you will have an environment variable with the xsrf-token in it.

    3. Save your login method.

    4. Create the new POST request you want and, in its headers, add your XSRF-Token header key with the environment variable in handlebars {{ }} to access it.

    5. Now, before running your new request, make sure you run your login: it will store the environment variable, and then when you run the actual request it will automatically append it.