Django API Post method returns 403 error

I could not understand your question correctly, but CSRF verification failure is caused when "requests via ‘unsafe’ methods, such as POST, PUT and DELETE" are performed without using recommended defense settings against CSRF (Cross Site Request Forgeries).

You can read more on this link.

There is a quick work-around to problem. You can use csrf_exempt decorator to mark a view as being exempt from the protection ensured by the CSRF View Middleware (django.middleware.csrf.CsrfViewMiddleware). Example:

from django.views.decorators.csrf import csrf_exempt
from django.http import HttpResponse

@csrf_exempt
def my_view(request):
    return HttpResponse('Hello world')

You can read more about is here.


Have a read of the Django docs on CSRF protection. If your api is going to be accessed by javascript in the browser, then there are instructions for how to include the token in an ajax request.

If the API is accessed in a different way e.g. from a mobile client that doesn't use cookies, then it might be appropriate to turn off the CSRF protection for that view, using the csrf_exempt decorator.