SQL Clone requires that certain requests to its API are made with matching cookie and header values as a mitigation against cross-site request forgery attacks in web browsers. If either of these are missing or they don't match, you will get this error.

Although this is a mitigation against an attack specific to web browsers, this requirement must be fulfilled even if you are using PowerShell or the Azure DevOps extension, and so you can receive this error if they are not configured correctly.

Check that you are using the correct server URL

Using PowerShell

The PowerShell cmdlets require that you pass the SQL Clone Server URL to Connect-SqlClone. You should use root URL of your SQL Clone Server when connecting. If your SQL Clone Server is configured to use HTTPS and/or a custom port, ensure that you specify https:// and the correct port in the URL as necessary.

Do not include any path underneath the server URL, such as /dashboard (this is a path to a section in the web UI).

Using Azure DevOps

When using SQL Clone Azure DevOps tasks, you need to configure a service connection for the SQL Clone Server and provide a Server URL. You should use the root URL of your SQL Clone Server for this. If your SQL Clone Server is configured to use HTTPS and/or a custom port, ensure that you specify https:// and the correct port in the URL as necessary.

Do not include any path underneath the server URL, such as /dashboard (this is a path to a section in the web UI).

Other possible problems

If you are still having difficulties after verifying the server URL, ensure that there are no proxies/firewalls between where you are running the cmdlets or Azure DevOps extension and the SQL Clone Server which could be stripping headers or cookies.