Cross-Site Request Forgery landing page

You can enable cross-site request forgery (CSRF) settings for the system from the Cross-Site Request Forgery landing page. These settings help prevent attacks that might cause a user to perfom unintended actions in the system, for example, unintentionally changing a password.

You can do several tasks on the CSRF landing page. For example, you can enable a CSRF token check and manage Referrer settings. CSRF tokens are unique tokens that are generated by a random number generator and assigned to Pega URLs. For information about performing these tasks, see Enabling Cross-Site Request Forgery settings.