I was able to resolve that issue.
So it seems like disabling CSRF or configuring it according to what was described in this post actually works.
It was my mistake that it didn’t work in the very beggining - I have disabled CSRF in wrong configuration that had lower order of execution in spring boot filter chain. I applied it with higher priority and now it works like a charm. Shame that I had to spend a few days to spot such a miserable mistake 