Thanks Denny and Christian!
I knew that option to bypass the CSRF check, but I dont have a “good feeling” with that solution. Its just a feeling …
To use the header option is an good idea - this one I did not know!
Will checkt it today and give a feedback here.
Thanks a lot again! 