csrf_token Tag

Utility Most Useful


The {% csrf_token %} tag must be included in all Django forms.

This will generate a hidden input in the form like this:

<input type="hidden" name="csrfmiddlewaretoken" value="ogCnWDqYM5XnnkQWaVz49uLeEj5qYYh3RGTnMEAKy3zYsiWZx4PNoCm2ata02pjR">

This value will be checked using Django’s built-in middleware to protect against cross site request forgery.


Use it.

Did we get something wrong? Is there a use case for the csrf_token tag that we should add? Please let us know.

Send Feedback

Official Documentation
This page last updated on Oct. 30, 2022, 1:22 p.m. EST