We have been making requests to the Webmaster API for many months now and just recently we've been receiving 400 errors stating "Origin and Referer request headers are both abscent/empty." I cannot find anything in the Webmaster API documentation that refers to this error or tells me what the "origin" and "referer" headers should be since we haven't been using them. I've tried using my app's registered URL as a referer, but I would get the error, "Could not extract anti-forgery token."
Copy of request and response below
< POST /webmasters/oauth/token HTTP/1.1
< Host: www.bing.com
< User-Agent: python-requests/2.22.0
< Accept-Encoding: gzip, deflate
< Accept: */*
< Connection: keep-alive
< referer: channelmix
< Content-Length: 964
< Content-Type: application/x-www-form-urlencoded
<
< client_id=xxxxxxxx&client_secret=xxxxxxxx&grant_type=refresh_token&refresh_token=xxxxxxxxx
> HTTP/1.1 400 Bad Request
> Content-Length: 45
> Vary: Cookie
> Content-Security-Policy: frame-ancestors 'self'
> X-Powered-By: ASP.NET
> X-Cache: CONFIG_NOCACHE
> Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
> X-MSEdge-Ref: Ref A: 23B99E30D7754B7EBD964DE121B7779D Ref B: CHGEDGE1821 Ref C: 2022-01-21T22:21:25Z
> Date: Fri, 21 Jan 2022 22:21:24 GMT
>
Could not extract expected anti-forgery token