I recently had to migrate a Catalog from Sitecore Commerce 8.2.1 to Sitecore Experience Commerce 9.0.2. After generating the Commerce 9 compatible Catalog JSON files through the provided migration tool in Commerce 9 Update 2, I proceeded to import the Catalog using the ImportCatalogs() endpoint under ‘CatalogAPISamples/Catalog – API’ in Postman.
I decided to dig a bit deeper and had a look at the Commerce Engine logs. Here’s what I found:
Connection id ""0HLFLMVFMIFEJ"", Request id ""0HLFLMVFMIFEJ:00000001"": An unhandled exception was thrown by the application. Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The required antiforgery cookie ".AspNetCore.Antiforgery.cf4m-F-R1lY" is not present. at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery.<ValidateRequestAsync>d__9.MoveNext()
Then it hit me, of course CSRF validation is enabled by default, and I need to disable it before using Postman. Duh!
To get a lowdown on how to disable CSRF validation, head over here.
If you want an overview on how to set up and use Postman, have a look the 'Set up a Postman environment' section here.