10 Replies Latest reply on Oct 26, 2016 6:18 AM by Ryan Rutan

REST API - Cross Origin Error

gregorytdunn91 Mar 4, 2015 6:23 AM

I wrote a script to create a user using the REST API. I am easily able to run the API call through the Advanced Rest Chrome extension. I successfully have created users this way.

However when running this call through a very basic ajax function, I get "XMLHttpRequest cannot load https://***********.com/api/core/v3/people/?welcome=true. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 501."

Normally to get around a cross origin error, you can set the dataType to jsonp. But in this case it fails and returns a 500 error. In my understanding the No 'Access-Control-Allow-Origin' header is present on the requested resource error is caused by the browser not accepting cross domain requests ( a different domain than where my script is running). The browser usually only allows a request in the same origin for security reasons. These restrictions are normally not used with extensions. Which explains why I can make the same call via Advanced Rest. Normally to circumvent the error, I can declare the datatype as JSONP (JSONP - Wikipedia, the free encyclopedia). But it doesn't work and returns a 500 server error.

Any thoughts?

I would love to be able to take advantage of the Rest API in this way. It could become a very powerful tool for us as a company. It is vital to scaling the community.

Best,

Gregg

My script (removed sensitive information):

Re: REST API - Cross Origin Error

nilsheuer Mar 4, 2015 6:49 AM (in response to gregorytdunn91)

Hi Gregory!

Jive does not support Jsonp as far as I know.
Like (1)

Actions
- Re: REST API - Cross Origin Error
  
  gregorytdunn91 Mar 4, 2015 6:56 AM (in response to nilsheuer)
  
  Hi Nils!
  
  Thanks for the quick response! So is user creation not possible via an AJAX call to the rest api? Would you recommend using PHP cURL instead of javascript to accomplish user creation?
  
  Like (0)
  
  Actions
  - Re: REST API - Cross Origin Error
    
    nilsheuer Mar 4, 2015 6:59 AM (in response to gregorytdunn91)
    
    Probably, you best bet. I've only ever worked with the Jive REST API from server based application, and it works well for that
    
    Like (1)
    
    Actions
Re: REST API - Cross Origin Error

james.dellow Sep 17, 2015 7:32 PM (in response to gregorytdunn91)

Have you tried creating it as Chrome Extension, rather than a standard web page?
What are extensions? - Google Chrome
Like (1)

Actions
- Re: REST API - Cross Origin Error
  
  gregorytdunn91 Apr 6, 2016 11:00 AM (in response to james.dellow)
  
  Chrome extension works well. However I streamlined this by creating a nodejs app. Happy to share if you are interested
  
  Like (0)
  
  Actions
  - Re: REST API - Cross Origin Error
    
    jordan.van.bergen@copaco.com Oct 25, 2016 12:19 AM (in response to gregorytdunn91)
    
    Gregory Dunn I have build a jive addon using nodejs. The addon works if you go to it directly using the URL of the addon. If I put the addon in a tile it doesn't and I get the error message: No 'Access-Control-Allow-Origin' header ........ What to add to the nodejs / addon to make the addon work in a tile too ??? Do you have the answer?
    
    Like (0)
    
    Actions
    - Re: REST API - Cross Origin Error
      
      gregorytdunn91 Oct 25, 2016 5:29 AM (in response to jordan.van.bergen@copaco.com)
      
      Hi Jordan!
      
      My app runs as a microservice in AWS, separate from the Jive Platform.
      
      Are you sending data from Jive to your addon? If so you need to set the CORS header in your Node app's response. Something like this:
      
      you may want to also add the X-J-Token header (has fixed this issue in the past for me)
      
      response.setHeader('Access-Control-Allow-Headers', 'X-J-Token, Content-Type')
      
      Like (0)
      
      Actions
      - Re: REST API - Cross Origin Error
        
        jordan.van.bergen@copaco.com Oct 25, 2016 9:36 AM (in response to gregorytdunn91)
        
        I am sending the data inside a Jive hosted app (addon).
        
        Thanks Gregory Dunn ! This might be the missing link for me.
        
        But I am not certain where to put this part you explained currently I have used node js sdk to make this standard addon:
        
        jive-sdk create tile-app-internal --name="my-tile"
        npm update
        jive-sdk build add-on --apphosting="jive"
        
        In the ..../public/view.html I put my code (angularJS) and this works using the direct link to the addon but as soon as the addon is presented in a tile using the iframe gadget method I get these messages:
        No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin
        
        So maybe your tip is the solution but I don't know where to put this currently in what code inside the addon made by the node js sdk? Do you know where to put it?
        
        Like (0)
        
        Actions
        
        Re: REST API - Cross Origin Error
        
        gregorytdunn91 Oct 25, 2016 1:47 PM (in response to jordan.van.bergen@copaco.com)
        
        You need to set the Access Control Allow Origin header on the server side (can't be done in angular). I've never attempted to create an Add On like this, so I'm not entirely sure.
        
        You can check the headers on the view.html using Postman or Chrome Developer Tools. That may be a good place to start.
        1 person found this helpful
        
        Like (0)
        
        Actions
Re: REST API - Cross Origin Error

Ryan Rutan Oct 26, 2016 6:18 AM (in response to gregorytdunn91)

Or if you are calling a service from a Jive tile or App, you can use the OSAPI proxy service and bypass CORS restrictions all together. Just wanted to make sure that this was attached to the conversation.
Making REST API calls directly from a Jive app or tile
Like (0)

Actions