CSRFPreventionFilter: Token provided via HTTP Header is absent/empty

I had this bug after deploying to Tomcat.
After the workaround when I try to deploy a process using the modeler or Postman, I get this response

{
    "timestamp": "2019-06-04T10:34:17.415+0000",
    "status": 403,
    "error": "Forbidden",
    "message": "CSRFPreventionFilter: Token provided via HTTP Header is absent/empty.",
    "path": "/bpmn_war/resources/engine/default/deployment/create"
}

Not sure what is going on here, I haven’t enabled no CSRF filter in the application and I’m using Basic Auth with admin credentials.

Is there a way to fix it?
Thanks