RBAC whitelist in config does not allow POST

[crimson-med]

Hello,

I have added this in config/web.php

'as access' => [
    'class' => yii2mod\rbac\filters\AccessControl::class,
    'allowActions' => [
        'site/*',
        'admin/*',
        'note/*',
    ]
 ],

If I make an AJAX POST request to my controller action.
controllers/NoteController.php

public function actionDelete() {
    echo "hello world";
    die();
}

I will get access denied however if I make a AJAX GET request I have no issue.