A web request forgery may include a web request sent by a malicious client on behalf of a legitimate client. The malicious client may be intending to harm the legitimate client in some manner. The web request forgery may allow the malicious client to perform unauthenticated actions. The unauthenticated actions may appear to be on behalf of a legitimate client and/or a signed-in end user. Additionally, the unauthorized actions may compromise a legitimate client's confidential data. The legitimate client may have no awareness that such actions have occurred. Further, web request forgery may lead to extra load on a server, a cloud service, or other platform, and may result in denial of service to a legitimate client.