We ran DAST and VAPT on keycloak, the report says CSRF not implemented. we don’t find CSRF token in headers and in request. the question is if this enabled where we can find CSRF Token, if not how to enabled it.
You need to sign in to view this answers
Leave feedback about this