How to send POST request to Flask API employing CSRF token from mobile device (android) app?

Question

Question:

How can I POST data from my android app to my flask web app which is employing CSRF protection?

Background: I've built a website using Flask, and have protected it from CSRF attacks by globally deploying CSRFProtect(), which comes from the Flask-WTForms package.

I am building a phone app that will allow a user to automatically send data to their account on the Flask database every day.

I can successfully access the Flask API using a GET request from my android app. I am unable to successfully send a POST request from my android app, unless I turn off global CSRF protection within my Flask API.

My thoughts so far: Option one - turn off CSRF protection if request is coming from an application. From reading I understand that CSRF attacks require cookies, which are only generated by browsers, and thus if my request is coming from my app, then I am safe from CSRF attacks and could turn off CSRF protection for a specific URL. BUT, this URL could be accessed by anyone if they were to discover it, so I would need to keep CSRF protection on if the request was coming from a browser, and turn it off if coming from my android app. Is this possible?

Option two - get the CSRF token on my android app. I don't think that coding the token into my app would be safe, as anyone would be able to download the app and potentially access the code (right?). If that's true, then I would need to somehow get the token from Flask via an authentication process with the Flask app. BUT, how can I send form data to the flask app if CSRF protection is blocking my POST requests?

Please advise. Normally with enough googling I can figure out an answer, but on this I'm stuck! Thank you!