Refactor to allow CSRF bypass, improve error logging for API authoring

Refactor to allow CSRF bypass, improve error logging for API authoring #297