CSRF Issue for REST services

Hi all,
I have deployed an instance of the Tomcat Server to a remote server. One of my team is getting a CSRF error when trying to call the REST services from either Insomnia or Postman. Specifically he is calling the process start and message endpoints.He has tried to clear the cookies and caches but the behaviour remains.

When I make the calls from my machine I get no such error. I have tested with basic auth and no auth and we get the same behaviour.

What would cause this issue.

Also I notice that some of the time when my users log in they get errors claiming that the user name/password or user has been locked. The only way I can fix this is to clear the browser cache. This has been confirmed on Safari, Chrome and Firefox.

Are these issues related to some form of aggressive caching?

Thanks.

Screenshot of error