Dashboard returns 403 on stats call

Tags: #<Tag:0x00007fb51028be88>

Hi all,

I’m running HF in .net core 3.1 and when I navigate to the dashboard it will load correctly, but all calls to the /stats endpoint returns 403. I have setup the authorization filter to always return true and have disabled the UseAuthorization from the configuration.

Has anyone else faced this issue?

Are you going through a load balancer? The .net core dashboard has anti forgery tokens which cause this (if the request to /stats doesn’t go to the original server that issued the token you get a 403 response).

If this is the case, there is an option in startup to remove this, IgnoreAntiforgeryToken, in the UseHangfireDashboard setup.

1 Like

@Andrew_Borland doing gods work, thank you!

Hello Andrew,

could you please provide me with more details, because I am currently using SSL Offloading on our production servers and we have an .Net Core Web App that works behind a load balancer and the SSL is being granted through the load balancer.

Kind Regards,