CSRF stands for Cross-Site Request Forgery. A CSRF token is a unique, secret, and unpredictable value that is generated by a server-side application and transmitted to the client. The purpose of a CSRF token is to prevent unauthorized commands from being transmitted from a user that the server trusts.