Hello SuperSet Dev Team, I hope this message finds you well. I'm encountering an issue related to an HTTP request, specifically concerning the POST /api/v1/security/guest_token/ endpoint. Upon making the call, I'm receiving a response indicating that the CSRF token is not being sent.
To provide further context, I've attempted to send the token using various header names as a cookie, such as 'csrf-token', 'X-CSRF-TOKEN', 'X-XSRF-TOKEN', 'X-CSRFToken', among others. Additionally, I've included the access_token as an Authorization bearer token. Despite these efforts, I've attached two screenshots illustrating the problem I'm facing. I've explored numerous resources, including Medium articles, Superset documentation, GitHub discussions, and Fullstack forums, in an attempt to resolve this issue, but unfortunately, I haven't been successful. Now that I possess both tokens (access_token & csrf_token), I'm seeking guidance on the correct utilization of these tokens within the POST /api/v1/security/guest_token/ endpoint. Any insights or guidance on how to appropriately include and utilize the CSRF token in this scenario would be greatly appreciated. Your assistance on this matter would be invaluable. I've attached two images depicting the encountered problem for your reference. Thank you for your attention and support. Wishing you all a fantastic New Year filled with prosperity, growth, and achievements. Best regards [image: Imagen de WhatsApp 2023-12-29 a las 11.24.35_93f20c54.jpg]
