For each session, a unique form key is generated and embedded into the form as an invisible field. And the same is matched with the user\u2019s request to confirm legitimacy of the request.<\/p>\n\n\n\n
Magento 2 Invalid Form Key Error \u2013 Possible Reasons<\/h2>\n\n\n\n
In many cases, you may encounter the \u201cInvalid security or form key. Please refresh the page.\u201d error in Magento 2, which may look like:<\/p>\n\n\n
![\"Invalid](\"https:\/\/meetanshi.com\/blog\/wp-content\/uploads\/2023\/11\/Invalid-Form-Key.-Please-Refresh-The-Page-in-Magento-2-Error.jpeg\")
<\/figure>\n<\/div>\n\n\nHere are some common reasons for Magento 2 Invalid Form Key error:<\/p>\n\n\n\n
- \n
- You\u2019re using an outdated version of Magento 2<\/li>\n\n\n\n
- Incorrect max_input_vars values (too low for Magento 2)<\/li>\n\n\n\n
- Problems with cookies and sessions due to mismatch of base URL during Migration<\/li>\n<\/ul>\n\n\n\n
Now, let\u2019s go through the possible ways to solve \u201cInvalid Form Key. Please Refresh The Page\u201d in Magento 2.<\/p>\n\n\n\n
How to Solve \u201cInvalid Form Key. Please Refresh the Page\u201d in Magento 2?<\/h2>\n\n\n\n
Here are some possible solutions to the Magento 2 Invalid Form Key Error:<\/p>\n\n\n\n
- \n
- Solution 1: Modify the Magento Installtion Directory File<\/li>\n\n\n\n
- Solution 2: Increase the max_input_vars Value<\/li>\n\n\n\n
- Solution 3: Change the Magento Base URL<\/li>\n<\/ul>\n\n\n\n
Solution 1: Modify the Magento Installtion Directory File<\/h3>\n\n\n\n
First, back up the root\/vendor\/magento\/module-backend\/App\/Action\/Plugin\/Authentication.php<\/em><\/strong> file.<\/p>\n\n\n\n
Then, open the file and disable the following entities:<\/p>\n\n\n\n
$requestParts = explode('\/', trim($request->getRequestUri(), '\/'), 3);\n$baseUrlPath = trim(parse_url($this->backendUrl->getBaseUrl(), PHP_URL_PATH), '\/');\n$routeIndex = empty($baseUrlPath) ? 0 : 1;\n$requestUri = $this->_url->getUrl($requestParts[$routeIndex]);<\/pre>\n\n\n\nAnd add the following entry:<\/p>\n\n\n\n
$requestUri = $this->_url->getUrl($this->_url->getStartupPageUrl());<\/pre>\n\n\n\n
You\u2019ll get the following output:<\/p>\n\n\n\n
\/\/ Checks, whether secret key is required for admin access or request uri is explicitly set\n if ($this->_url->useSecretKey()) {\n# $requestParts = explode('\/', trim($request->getRequestUri(), '\/'), 3);\n# $baseUrlPath = trim(parse_url($this->backendUrl->getBaseUrl(), PHP_URL_PATH), '\/');\n# $routeIndex = empty($baseUrlPath) ? 0 : 1;\n# $requestUri = $this->_url->getUrl($requestParts[$routeIndex]);\n $requestUri = $this->_url->getUrl($this->_url->getStartupPageUrl());\n } elseif ($request) {\n $requestUri = $request->getRequestUri();\n }\n\n if (!$requestUri) {\n return false;<\/pre>\n\n\n\nNow, check if the Magento 2 Invalid Form Key error reproduces or not. If it does, try the next solution.<\/p>\n\n\n\n
Solution 2: Increase the max_input_vars Value<\/h3>\n\n\n\n
One possible reason for the Magento 2 \u201cInvalid security or form key. Please refresh the page.\u201d error can be an incorrect
max_input_vars<\/code> value.<\/p>\n\n\n\nFor the php.ini or .user.ini file, use:<\/p>\n\n\n\n
max_input_vars = 10000<\/pre>\n\n\n\n
For the .htaccess file, use this code<\/p>\n\n\n\n
php_value max_input_vars 10000<\/pre>\n\n\n\n
Now, check if the Magento 2 Invalid Form Key error reproduces or not. If it does, try the next solution.<\/p>\n\n\n\n
Solution 3: Change the Magento Base URL<\/h3>\n\n\n\n
The next solution is to change the base URL of Magento. You can do it in two ways:<\/p>\n\n\n\n
- \n
- Using phpMyAdmin<\/li>\n\n\n\n
- Using CLI<\/li>\n<\/ul>\n\n\n\n
Here\u2019s how to change Magento 2 Base URL using phpMyAdmin:<\/strong><\/p>\n\n\n\n
Log into phpMyAdmin and find the core_config_data<\/strong> table in the database.<\/p>\n\n\n\n
Now, change the web\/unsecure\/base_url<\/strong> value to
https:\/\/127.0.0.1<\/code><\/p>\n\n\n\nClick \u201cGo<\/strong>.\u201d<\/p>\n\n\n\n
(Make sure to use the correct protocol as per your site i.e. http:\/\/ or https:\/\/)<\/p>\n\n\n\n
Here\u2019s how to change Magento 2 Base URL using CLI:<\/strong><\/p>\n\n\n\n
Use the following command to change the Magento 2 Base URL:<\/p>\n\n\n\n
php bin\/magento setup:store-config:set --base-url=\"http:\/\/127.0.0.1:8080\/\"<\/pre>\n\n\n\n
Make sure to change the protocol asper your site i.e. http:\/\/ or https:\/\/<\/p>\n\n\n\n
Now, run the following command to flush the cache:<\/p>\n\n\n\n
php bin\/magento cache:flush<\/pre>\n\n\n\n
And remove the cache folder by using the following command in the root Magento 2 directory:<\/p>\n\n\n\n
rm -rf var\/cache var\/generation var\/page_cache<\/pre>\n\n\n\n
That\u2019s it!<\/p>\n\n\n\n