How are you creating the session? What endpoint are you using to login? Does the account you're using have 2FA enabled?
Can you confirm that you're successfully retrieving a valid CSRF token?
What headers are you passing as part of your POST request?
As @TheWWRNerdGuy mentioned, the content type of your POST shouldn't be JSON; it should be application/x-www-form-urlencoded. Since it looks like you're using Requests, you should be passing your payload via the data kwarg (and not json or params). Try the following.
import json
def post_message(session, wiki_base_url, csrf_token, wall_owner_id, title, text_content):
payload = {
'token': csrf_token,
'wallOwnerId': wall_owner_id,
'title': title,
'rawContent': text_content,
'jsonModel': json.dumps({
'type': 'doc',
'content': [{
'type': 'paragraph',
'content': [{
'type': 'text',
'text': text_content,
}]
}],
}),
'attachments': json.dumps({
'contentImages': [],
'openGraphs': [],
'atMentions': [],
}),
}
return session.post(f'{wiki_base_url}/wikia.php?controller=MessageWall&method=createThread&format=json', data=payload)