PARAMETERS_INCONSISTENT

Some special values can be delivered to the API service in multiple locations of a single API request (e.g., in HTTP headers and in query arguments). If this is the case all the values must be the same (to prevent CSRF).

Reason

  • Values in alternative locations are not the same
  • The array of resource IDs contains duplicates

Solution

  • Be sure to specify the same value in all the alternative locations, that you use (see below)
  • Check if anything between the API client and the API service does not insert wrong values (e.g., this can be the web browser, that adds the session ID into cookies)
  • Remove duplicates from the IDs array

Example

{
    "status": 400,
    "errors": [
        {
            "code": "PARAMETERS_INCONSISTENT",
            "message": "One or more parameters appear in different locations and do not match, possible CSRF attempt",
            "more_info": "https://developer.kayako.com/api/v1/reference/errors/PARAMETERS_INCONSISTENT"
        }
    ]
}

Alternative locations

Here is the list of alternative locations, values of which must be the same:

  • The X-OTP HTTP header and the _otp query argument (see OTP authentication step)
  • The X-Portal HTTP header and the _portal query argument
  • The X-Session-ID HTTP header, the _session_id query argument and the session ID cookie (see Session)
  • The X-Timestamp HTTP header and the _timestamp query argument (see Authentication)
  • The X-Token HTTP header and the _token query argument (see Authentication)