Error "Forbidden CSRF verification failed" occurs when trying to create a new Bitbucket account

Platform Notice: Cloud Only - This article only applies to Atlassian products on the cloud platform.

Summary

A user is invited to a workspace on Bitbucket, this user receives the invitation via email. By clicking on the link, the user is directed to Bitbucket to create an account. When filling in the information and trying to proceed, the error "Forbidden CSRF verification failed" occurs.

Environment

Bitbucket Cloud.

Diagnosis

When accepting an invitation link to join a workspace the browser throws the CSRF error.

Cause

The "Forbidden CSRF verification failed" error occurs when the token included in a form submission or API call doesn't match the expected value. This can be caused by a number of reasons, like missing or expired tokens, incorrect token values, etc.

Solution

For a user encountering the "Forbidden CSRF verification failed" error, here are a few steps that help resolve the issue:

  1. Try accessing the same page in another browser or in an incognito window. This may help identify if the issue is related to your browser settings or cache

  2. Refresh the page: Sometimes, refreshing the page can resolve the issue if the error is temporary or due to a network issue.

  3. Clear your browser cache: Clearing your browser cache may help resolve the issue if it is related to a stale or incorrect browser cache.

  4. Log out and log back in: Logging out of the web application and logging back in can help reset any existing tokens or sessions and resolve the issue.

  5. If the issue persists, please contact support to verify.

Updated on February 26, 2025
Platform
Cloud only
Product
Bitbucket Cloud
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community