SharePoint error 2130575251 - The security validation for this page is invalid and might be corrupted


If you are getting 403 Forbidden exception while creating, editing or deleting a SharePoint Online list item using REST API, follow steps given below to fix the error.

{
"error":{
	"code":"-2130575251, Microsoft.SharePoint.SPException",
	"message":{
		"lang":"en-US",
		"value":"The security validation for this page is invalid and might be corrupted. Please use your web browser's Back button to try your operation again."
		}
	}
}

When creating, updating or deleting SharePoint entities, you need to authorize the requests, they require the server request form digest value as the value of the X-RequestDigest header.
The value can be retrieved by making a POST request with an empty body to http://site url/_api/contextinfo and extracting the value of the d:FormDigestValue node in the XML that the contextinfo endpoint returns.


✔️ Solution - Add "X-RequestDigest": $("#__REQUESTDIGEST").val() to the header of your Ajax as below to fix the security validation error.
Note the double underscore __ which needs to be passed as-is.

headers:{
	"accept": "application/json;odata=verbose",
	"content-type": "application/json;odata=verbose",
	"X-RequestDigest": $("#__REQUESTDIGEST").val()
}


Remote add-ins using OAuth can get the form digest value from the http://site url/_api/contextinfo endpoint.
SharePoint-hosted add-ins which run within SharePoint context can get the value from the #__REQUESTDIGEST page control if it's available on the SharePoint page.

-


Have Questions? Post them here!

Topics Coverage:


🎉 We are celebrating the 10th years of Code2care! Thank you for all your support!

We strongly support Gender Equality & Diversity.

Follow Us: GitHub | Facebook | Twitter | Instagram