A CSRF (Cross-Site Request Forgery) token is a unique, cryptographically strong secret that proves a request is legitimate and originated from our verified interface.
It prevents malicious websites from forging requests on your behalf. Without this "handshake," an attacker could theoretically trigger actions in your account just by having you visit their site in another tab.
If you're seeing a "Token Mismatch" error, your session likely timed out. Refreshing the page generates a fresh token and restores your secure access immediately.