I’m working on a login in a Android App which loads the authorize page via WebView.
My URL looks something like this:
The login form loads fine in my app but once I try to login with any account i get a blank page with only 1 line of text “Forbidden - CSRF token invalid”
Earlier I had this exact same setup working, but now it throws this error. Sign Up results in the same. New ClientId/App doesn’t help either.
Any idea what I’m doing wrong? I’m getting a redirect to passport.twitch.tv but I don’t see any csrf_token in there just my client id (twice weirdly)
Looks kinda weird: