Section ID: 0c1e0b50-3be3-bf3d-a8bb-eb1040e5d416
Basic information about write access
When calling the API via the HTTP verbs POST
, PUT
, DELETE
and PATCH
, you must specify the Origin
header. The header value must correspond to the calling URL without path. The header is not required for read access (e.g. GET
).
It is necessary to specify a value for Origin
in order to prevent CSRF (Cross-Site Request Forgery) attacks.
Request
PUT /dms/sampleuri Origin: https://samplehost
If the header is missing, the DMSApp will reply with HTTP 403 Forbidden
.