Cross-Site Request Forgery (CSRF) is a type of malicious exploit of a website or web application where unauthorized commands are submitted from a user that the web application trusts. To prevent this attack, all our forms contain a hidden CSRF token to validate that the request is legitimate.
For security reasons, CSRF tokens are rotated each time a user logs in. Any page with a form generated before a login will have an old, invalid CSRF token and need to be reloaded. This might happen if a user uses the back button after a login or if they log in through a different browser tab. Users may receive a CSRF error when this occurs. To resolve this issue, clear your browser cache and reload the page. Then re-enter the information and submit the form again.
This can be a complicated issue, so please reach out to support@narmi.com if you have additional questions or the error continues.
