Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Enabling cross-site request forgery support

Updated on July 1, 2021

You can enable cross-site request forgery (CSRF) settings for the system from the Cross-Site Request Forgery landing page. These settings help prevent attacks that might cause a user to perform unintended actions in the system, for example, unintentionally changing a password.

You can do several tasks on the Cross-Site Request Forgery landing page. For example, you can enable a CSRF token check and manage Referrer settings. CSRF tokens are unique tokens that are generated by a random number generator and assigned to Pega URLs. For information about performing these tasks, see Enabling and configuring Cross-Site Request Forgery settings.

  • Previous topic Enabling and configuring Cross-Site Request Forgery settings
  • Next topic Understanding dynamic system settings

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us