10 Replies Latest reply on Oct 26, 2016 6:18 AM by ryanrutan

    REST API - Cross Origin Error

    gregorytdunn91

      I wrote a script to create a user using the REST API.  I am easily able to run the API call through the Advanced Rest Chrome extension. I successfully have created users this way.

       

      However when running this call through a very basic ajax function, I get "XMLHttpRequest cannot load https://***********.com/api/core/v3/people/?welcome=true. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 501."

       

      Normally to get around a cross origin error, you can set the dataType to jsonp. But in this case it fails and returns a 500 error. In my understanding the No 'Access-Control-Allow-Origin' header is present on the requested resource error is caused by the browser not accepting cross domain requests ( a different domain than where my script is running). The browser usually only allows a request in the same origin for security reasons. These restrictions are normally not used with extensions. Which explains why I can make the same call via Advanced Rest.  Normally to circumvent the error, I can declare the datatype as JSONP (JSONP - Wikipedia, the free encyclopedia). But it doesn't work and returns a 500 server error.

       

      Any thoughts?

       

      I would love to be able to take advantage of the Rest API in this way. It could become a very powerful tool for us as a company.  It is vital to scaling the community.

       

      Best,

       

      Gregg

       

      My script (removed sensitive information):


      Screen Shot 2015-03-04 at 9.15.46 AM.png