SharePoint error 2130575251 - The security validation for this page is invalid and might be corrupted


If you are getting 403 Forbidden exception while creating, editing or deleting a SharePoint Online list item using REST API, follow steps given below to fix the error.

{
"error":{
	"code":"-2130575251, Microsoft.SharePoint.SPException",
	"message":{
		"lang":"en-US",
		"value":"The security validation for this page is invalid and might be corrupted. Please use your web browser's Back button to try your operation again."
		}
	}
}

When creating, updating or deleting SharePoint entities, you need to authorize the requests, they require the server request form digest value as the value of the X-RequestDigest header.
The value can be retrieved by making a POST request with an empty body to http://site url/_api/contextinfo and extracting the value of the d:FormDigestValue node in the XML that the contextinfo endpoint returns.


✔️ Solution - Add "X-RequestDigest": $("#__REQUESTDIGEST").val() to the header of your Ajax as below to fix the security validation error.
Note the double underscore __ which needs to be passed as-is.

headers:{
	"accept": "application/json;odata=verbose",
	"content-type": "application/json;odata=verbose",
	"X-RequestDigest": $("#__REQUESTDIGEST").val()
}


Remote add-ins using OAuth can get the form digest value from the http://site url/_api/contextinfo endpoint.
SharePoint-hosted add-ins which run within SharePoint context can get the value from the #__REQUESTDIGEST page control if it's available on the SharePoint page.

-

Facing issues? Have Questions? Post them here! I am happy to answer!


Author Info:

Rakesh (He/Him) is a seasoned developer with over 10 years of experience in web and app development, and a deep knowledge of operating systems. Author of insightful How-To articles for Code2care.

Follow him on: X

You can also reach out to him via e-mail: rakesh@code2care.org

Copyright © Code2care 2024 | Privacy Policy | About Us | Contact Us | Sitemap