diff --git a/src/Controller/RestUIController.php b/src/Controller/RestUIController.php
index ebff64d..03d5154 100644
--- a/src/Controller/RestUIController.php
+++ b/src/Controller/RestUIController.php
@@ -208,7 +208,7 @@ class RestUIController implements ContainerInjectionInterface {
    * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
    */
   public function disable($resource_id, Request $request) {
-    if (!drupal_valid_token($request->query->get('token'), 'restui_disable')) {
+    if (!\Drupal::csrfToken()->validate($request->query->get('token'), 'restui_disable')) {
       // Throw an access denied exception if the token is invalid or missing.
       throw new AccessDeniedHttpException();
     }