Unfortunately the Nextcloud documents are so weak.

you can find csrf token in this URL: your_nextcloud_domain/index.php/csrftoken.

I used it in angular and for this you should set it in two place: first, set it as request header as requesttoken. second, save it as cookie in your browser and send it along your request as requesttoken.

NOTE: for sending cookie along your request in angular you must set withcredentials:true in request options.like this: this.httpClient.put(this.baseUrl , data, {withCredentials:true});

Until here the csrf error has been solved but remember that you must send your credentials(username,password) in request header for authenticating user.