locked
Error - The X-CSRF-Signature header could not be validated RRS feed

  • Question

  • Hi Guys,

    I am a beginner to Azure and trying to connect to the SQL Server DB using SQL Server authentication which is throwing the below error.

    The X-CSRF-Signature header could not be validated.

    I am not sure how to resolve. Can somebody help me in resolving it.

    Thanks in Advance.

    Friday, August 2, 2019 4:11 AM

All replies

  • Hi Sarat,

    Thanks for the feedback. Could you please confirm, whether you are using SSMS for connecting to SQL Server DB or using REST API.

    Friday, August 2, 2019 9:18 AM
  • I have logged into azure portal and then selected the database to which I am trying to login.
    Friday, August 2, 2019 3:57 PM
  • Hi Sarat2701,

    I am unable to reproduce this your issue. I am able to navigate to an Azure SQL Database instance, and select Query Editor blade followed by entering my SQL Admin credentials.

    Are you accessing this database by the SQL Admin or by another user with privileges less than Admin? Thank you for the additional details.

    Regards,

    Mike

    Thursday, August 8, 2019 11:02 PM
  • Please let us know if this is still an issue. Thank you!
    Monday, August 12, 2019 11:01 PM
  • Hi,

    I hope the information provided for your concern is helpful. Please "Mark as answer" if it was helpful, so that it can help the other users with same problem.

    If you need more information, please let us know.

    Wednesday, August 21, 2019 6:39 AM
  • Did anyone find the fix for this? I am having the same issue.

    

    Thursday, September 5, 2019 7:44 PM
  • There is one case where the client clock is not within 5 min of the server clock:

    For error messages relating to the “X-CSRF-Signature header” validation -

    This header is created and validated to prevent a certain type of attack against your Azure SQL Servers.  Specifically, some web browsers can save your passwords which might then allow an attacker who doesn’t know the password to issue queries using the remembered password.  In order to prevent this type of attack, known as Cross Site Request Forgery (CSRF), we attach this little bit of extra data, called the “CSRF Signature”.  This signature proves that the credentials were known at the time of the request, not just remembered by the browser.

     

    This security mechanism requires that your clocks are synchronized to within 5 minutes of our servers, to prevent replay attacks with old CSRF signatures.

    Please ensure that your clock is set to the correct time, as this is the most likely cause for the error message you observed.


    If this is not the case in your situation (clocks appear to be in sync) the PG is investigating root cause. One thing you can try is to change the time zone of you client computer to match the timezone of the region your deployment is currently deployed. This would be a test only. Curious to see if this fixes the issue.

    • Proposed as answer by mihai.sarlea Wednesday, June 3, 2020 7:34 PM
    Thursday, September 5, 2019 9:29 PM
  • I am having the same issue and also my clock has the correct time. Is there any other way to fix this issue?

    Tuesday, September 10, 2019 5:54 AM
  • Hi

    One of the customers completed an experiment and found the issue is with Proxy connection interaction with TLS.

    Here are the results:

    Also the product team is aware of the issue and will try to fix this by end of Sept 2019.

    Thanks
    Navtej S

    Thursday, September 12, 2019 4:36 PM
  • Hi,

    I've the same issur today on my SQL Azure database : The X-CSRF-Signature header could not be validated on login try

    Regards


    Emmanuel Lehmann


    Friday, September 20, 2019 12:53 PM
  • Hi 

    Code fix has been made by Product Team for this and will be available soon everywhere.

    Thanks
    Navtej S

    Friday, September 20, 2019 3:22 PM
  • Hello, dear product team

    I have tried to connect azure database

    but I couldn't connect.

    I get below error

    The X-CSRF-Signature header could not be validated.

    I have already checked above all the quote.

    but I could't continue,

    Can you help me?

    please reply 

    thanks 

    regards


    Thursday, October 24, 2019 6:18 AM
  • Hi Baojingma,

    Can you send me your Azure subscription ID to AzCommunity, and I will return instructions to have a support request created. If you have an Azure Support Plan, please go ahead and create a support request to engage the support team. This is the best means for ensuring the fix has been applied, or if there is another issue occurring.

    Thank you,

    Mike


    Thursday, October 24, 2019 5:17 PM
  • Hello, Mike

    thanks for your reply

    I am biginner to azure.

    what is azure subscription ID?

    Would you please share screenshot?

    I want to resolve as quickly as possible.

    please help me

    thanks

    Thursday, October 24, 2019 10:14 PM
  • Apologies for the delay in getting you an answer. If you navigate to the Overview blade for a specific Azure Service, you will find your Azure Subscription ID:

    Saturday, October 26, 2019 2:12 AM
  • 526e8b8a-de25-4df6-b5ae-97d4467a233b

    Hello

    This is my sucscriptioinID

    please help me!

    Saturday, October 26, 2019 5:20 AM
  • Hi, Please follow these steps:

    You have been enabled for one-time Free Technical Support.  To create the support request, please do the following:

     

    • Go to the Health Advisory section within the Azure Portal: https://aka.ms/healthadvisories 
    • Select the Issue Name "You have been enabled for one-time Free Technical Support"
    • Details will populate below in the Summary Tab within the reading pane and you can click on the link "Create a Support Request" to the right of the message
    • Please send me the Azure Support Request ID once it is created (AzCommunity

    Please let me know if you have any additional questions.

    Regards,

    Mike

    Sunday, October 27, 2019 1:45 AM
  • Thanks! That did the trick for me, sir!
    Wednesday, June 3, 2020 7:34 PM