diff --git a/vaadin-spring-tests/test-spring-security-fusion/frontend/views/main-view.ts b/vaadin-spring-tests/test-spring-security-fusion/frontend/views/main-view.ts
index d879a03d9..c7514631a 100644
--- a/vaadin-spring-tests/test-spring-security-fusion/frontend/views/main-view.ts
+++ b/vaadin-spring-tests/test-spring-security-fusion/frontend/views/main-view.ts
@@ -75,8 +75,8 @@ export class MainView extends Layout {
     `;
   }
 
-  private logout() {
-    logout();
+  private async logout() {
+    await logout();
     Router.go(router.urlForName('public'));
   }
   private getMenuRoutes(): RouteInfo[] {
diff --git a/vaadin-spring/src/main/java/com/vaadin/flow/spring/security/VaadinWebSecurityConfigurerAdapter.java b/vaadin-spring/src/main/java/com/vaadin/flow/spring/security/VaadinWebSecurityConfigurerAdapter.java
index f06621c23..7cb964ee1 100644
--- a/vaadin-spring/src/main/java/com/vaadin/flow/spring/security/VaadinWebSecurityConfigurerAdapter.java
+++ b/vaadin-spring/src/main/java/com/vaadin/flow/spring/security/VaadinWebSecurityConfigurerAdapter.java
@@ -97,8 +97,6 @@ protected void configure(HttpSecurity http) throws Exception {
         // Spring CSRF is not compatible with Vaadin internal requests
         http.csrf().ignoringRequestMatchers(
                 requestUtil::isFrameworkInternalRequest);
-        // nor with endpoints
-        http.csrf().ignoringRequestMatchers(requestUtil::isEndpointRequest);
 
         // Ensure automated requests to e.g. closing push channels, service
         // workers,