Showing posts from August, 2022

Handling CSRF Tokens in JMeter: A Comprehensive Guide

By Hamid Al-qiari - Performance Test Lead

Handling CSRF Tokens in JMeter

What is a CSRF Token

A CSRF token is a secret, unique and unpredictable value that a server-side application generates in order to protect CSRF-vulnerable resources.

The token is generated by the server-side application and submitted in a subsequent HTTP request made by the client.

After the request is made, the server-side application compares the two tokens: the one found in the user session and the one in the request. If the token is missing or does not match the value within the user session, the request is rejected, the user session is terminated and the event is logged as a potential CSRF attack.

When do you need a CSRF token with JMeter

We need a CSRF token during the load test. The CSRF token is generated at run time and can be used only once, so if you hard-code its value in your script, your run will fail, because that token has already been used and is no longer valid. ...
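The single-use behaviour described above, as an added example that is not part of the original post: a constructed in-memory server shows why a token recorded once and replayed fails, while a token extracted from each response succeeds. The `Server` class, the `csrf_token` field name and the session ids are assumptions made for illustration.

```python
import hmac
import re
import secrets

# Assumed hidden-field markup; a real application may name the field differently.
TOKEN_RE = re.compile(r'name="csrf_token" value="([^"]+)"')

class Server:
    """Constructed stand-in for the application under test."""
    def __init__(self):
        self.sessions = {}   # session id -> token currently expected (None = none issued)
        self.log = []

    def get_form(self, sid):
        # Issue a fresh, unpredictable token and store it in the user session.
        token = secrets.token_urlsafe(32)
        self.sessions[sid] = token
        return f'<input type="hidden" name="csrf_token" value="{token}">'

    def post_form(self, sid, token):
        expected = self.sessions.get(sid)
        if expected and token and hmac.compare_digest(expected.encode(), token.encode()):
            self.sessions[sid] = None          # single use: the token is consumed
            return 200
        # Missing or mismatched token: reject, terminate the session, log the event.
        self.sessions.pop(sid, None)
        self.log.append(f"potential CSRF: session={sid}")
        return 403

def run_hardcoded(server, sid, recorded, iterations):
    """Replay one token captured at recording time on every iteration."""
    return [server.post_form(sid, recorded) for _ in range(iterations)]

def run_correlated(server, sid, iterations):
    """Fetch the form and extract a fresh token before every submission."""
    results = []
    for _ in range(iterations):
        html = server.get_form(sid)
        token = TOKEN_RE.search(html).group(1)
        results.append(server.post_form(sid, token))
    return results

if __name__ == "__main__":
    srv = Server()
    recorded = TOKEN_RE.search(srv.get_form("rec")).group(1)
    print("hard-coded:", run_hardcoded(srv, "rec", recorded, 3))
    print("correlated:", run_correlated(srv, "live", 3))
    print("server log:", srv.log)
```

In a JMeter test plan, the extraction step corresponds to a post-processor such as the Regular Expression Extractor attached to the request that returns the form.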