Requirement of CSRF token verification

Hello All,

I am working on API only application using Phoenix in backend and Angular in the front end.
All the user authentication happens via token verification and not actually via sessions.
Because there is no session set to handle the CSRF_token even if I send the valid token from front end.
Please guide me if I need to handle the Protect_from_forgery in my application in the backend?

I am following this source


You’re not using cookies? You don’t need csrf then.

1 Like