/users/extlogin endpoint is designed for UI interaction, thus using this endpoint to create a session to be used via API will fail with "Can't verify CSRF token authenticity" for any method except GET. We need to have a separate endpoint to create a proper session to be used via API.
Related issues
Bug #35473: Kerberos authentication fails for POST, PUT and DELETE api calls
Added by Oleh Fedorenko over 1 year ago
Fixes #35473 - Add extlogin API endpoint
/users/extlogin endpoint is designed for UI interaction, thus
using this endpoint to create a session to be used via API will
fail with "Can't verify CSRF token authenticity" for any method
except GET. We need to have a separate endpoint to create a proper
session to be used via API.