10 Replies Latest reply on Oct 26, 2016 6:18 AM by Ryan Rutan

    REST API - Cross Origin Error


      I wrote a script to create a user using the REST API.  I am easily able to run the API call through the Advanced Rest Chrome extension. I successfully have created users this way.


      However when running this call through a very basic ajax function, I get "XMLHttpRequest cannot load https://***********.com/api/core/v3/people/?welcome=true. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 501."


      Normally to get around a cross origin error, you can set the dataType to jsonp. But in this case it fails and returns a 500 error. In my understanding the No 'Access-Control-Allow-Origin' header is present on the requested resource error is caused by the browser not accepting cross domain requests ( a different domain than where my script is running). The browser usually only allows a request in the same origin for security reasons. These restrictions are normally not used with extensions. Which explains why I can make the same call via Advanced Rest.  Normally to circumvent the error, I can declare the datatype as JSONP (JSONP - Wikipedia, the free encyclopedia). But it doesn't work and returns a 500 server error.


      Any thoughts?


      I would love to be able to take advantage of the Rest API in this way. It could become a very powerful tool for us as a company.  It is vital to scaling the community.






      My script (removed sensitive information):

      Screen Shot 2015-03-04 at 9.15.46 AM.png